Web Application Front

Next-gen Web Application protection which will act as a front door. It will protect, accelerate and stop hack attempts at your web applications, APIs and microservices.

This web application security platform will act as your front door. It will improve, secure and boost application performance to many private, hybrid or multi-cloud environments.

Easy to manage

It’s designed to allow you to easily manage and control your websites by web interface. The automated API will let you integrate it in to your own back-end processes. That’s why it’s integrating within any business model.

Wholesale packages

You can purchase a bundle of web requests which you can use for just one or many web applications. This way, your resources are shared between multiple clients and/or websites.

Deploy near your end-users around the world.

The Serverius WAF service is using is hosted in many countries around the world. All datacenters are working to protect your application. By using anycast IP routing all web traffic will be cleaned and forwarded locally to its users. The data traffic from the host to its user will not leave its continent: “What happened in a country stays in that country”.

Every edge location of our global anycast network is included, with no additional charges for using the whole map or any specific region. Our global threat intelligence system will identify global security vulnerabilities and add them to the global WAF policies which will be pushed to all scrubbing centers worldwide.

100% API first

The every technical function has been developed by a “API first” principle, which means that all available functionality is offered by https://api.serverius.net. The API hase even more functionality than our own Serverius client panel: https://my.serverius.net. By using an API you can easily integrate everything into your infrastructure and order processes. And on the same time you can keep working in the webinterface.

Web application Firewall API

Let’s Encrypt by default

When adding a domain to the WAF, a Let’s Encrypt SSL certificate will created by default. It will save you install and update SSL certificates at your hosting environment. And of course, this free SSL can also be overruled by your personal/commercial SSL certificate.

Layer 7 application DDoS protection

Protect against advanced application-layer DDoS (SlowLoris, RUDY and Slow Read attacks) attacks which are different from volumetric DDoS attacks with fingerprinting and IP reputation to identify real request from fake ones. Secure against application DDoS using a variety of risk assessment techniques such as application-centric thresholds, protocol checks, session integrity, active and passive client challenges, historical client reputation blacklists and anomalous idle-time detection.

Application DDoS protecton by WAF

Application IP load balancing

Cleaned web traffic from can be forwarded to one or multiple public IP addresses. This allows users to distribute load to multiple hosting resources to maximize their throughput, create redundancy, and avoid overload of any single resource. 

You can use many lad balancing types like Round Robin, Weighted Round Robin,  Least Connection and Weighted Least Connection. And of course the addition of IP subnets can be set by web interface or API.

proxy ip subnet load balancing destination ip subnet

OWASP Core Rule Set support

The OWASP ModSecurity Top 10 Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The Serverius WAF support many common attack categories like including SQL Injection (SQLi), Cross Site Scripting (XSS), Local File Inclusion (LFI), Remote File Inclusion (RFI), Remote Code Execution (RCE), PHP Code Injection.

  • Free setup:Free setup:
  • Amount of HTTPS web requestsAmount of HTTPS web requests
  • Amount of web applications (websites) configurationsAmount of web applications (websites) configurations
  • Amount of (sub)domains (domain names):Amount of (sub)domains (domain names):
  • Unlimited amount of attack included:Unlimited amount of attack included:
  • OWASP top 10 WAF functionality included:OWASP top 10 WAF functionality included:
  • 100% guaranteed layer 3 and 4 volume DDoS protection:100% guaranteed layer 3 and 4 volume DDoS protection:
  • Advanced layer 7 DDoS protection with realtime HTTPS data traffic inspection:Advanced layer 7 DDoS protection with realtime HTTPS data traffic inspection:
  • Application (forward IP) load balancing:Application (forward IP) load balancing:
  • Support type:Support type:
  • Amount of custom WAF rules:Amount of custom WAF rules:
  • 100% Rest-API functionality (https://api.serverius.net):100% Rest-API functionality (https://api.serverius.net):
  • Use of BGP announce own private IP subnets:Use of BGP announce own private IP subnets:
  • Customized captcha form and custom error pages:Customized captcha form and custom error pages:
  • Audit logs:Audit logs:
  • IP black and white-listsIP black and white-lists
  • App-Front 100

  • 349,-

    $/€ per month

  • Free setup:
  • Amount of HTTPS web requests100 million
  • Amount of web applications (websites) configurations10
  • Amount of (sub)domains (domain names):100
  • Unlimited amount of attack included:
  • OWASP top 10 WAF functionality included:
  • 100% guaranteed layer 3 and 4 volume DDoS protection:
  • Advanced layer 7 DDoS protection with realtime HTTPS data traffic inspection:
  • Application (forward IP) load balancing:
  • Support type:Office hours ticket & mail support
  • Amount of custom WAF rules:None
  • 100% Rest-API functionality (https://api.serverius.net):
  • Use of BGP announce own private IP subnets:
  • Customized captcha form and custom error pages:
  • Audit logs:
  • IP black and white-lists
  • App-Front 500

  • 749,-

    $/€ per month

  • Free setup:
  • Amount of HTTPS web requests500 million
  • Amount of web applications (websites) configurations50
  • Amount of (sub)domains (domain names):500
  • Unlimited amount of attack included:
  • OWASP top 10 WAF functionality included:
  • 100% guaranteed layer 3 and 4 volume DDoS protection:
  • Advanced layer 7 DDoS protection with realtime HTTPS data traffic inspection:
  • Application (forward IP) load balancing:
  • Support type:Office hours ticket & mail support
  • Amount of custom WAF rules:20
  • 100% Rest-API functionality (https://api.serverius.net):
  • Use of BGP announce own private IP subnets:
  • Customized captcha form and custom error pages:
  • Audit logs:
  • IP black and white-lists
  • App-Front 1000

  • 2849,-

    $/€ per month

  • Free setup:
  • Amount of HTTPS web requests1 billion
  • Amount of web applications (websites) configurations250
  • Amount of (sub)domains (domain names):5000
  • Unlimited amount of attack included:
  • OWASP top 10 WAF functionality included:
  • 100% guaranteed layer 3 and 4 volume DDoS protection:
  • Advanced layer 7 DDoS protection with realtime HTTPS data traffic inspection:
  • Application (forward IP) load balancing:
  • Support type:24x7 telephone, ticket & mail support
  • Amount of custom WAF rules:50
  • 100% Rest-API functionality (https://api.serverius.net):
  • Use of BGP announce own private IP subnets:
  • Customized captcha form and custom error pages:
  • Audit logs:
  • IP black and white-lists

Register to start

To start offering WAF protection to your websites and applications is simple:

  1. Register a 14 day trial.

  2. Point your websites and/or applications to a anycast WAF IP.

  3. Add one or multiple destination IP to forward all clean traffic to.

That’s it! you’re protected! If you like you can tweak setting, enable extra’s and start testing your defenses.