General Protection

WAF

The WAF module applies signature-based detection, anomaly detection, and AI-driven behavioural analysis to identify and block malicious traffic.

WAF Monitoring Mode

WAF Monitoring Mode places the WAF in a separate monitor mode for a website that otherwise works in block mode. When it is enabled, the WAF takes no action on abnormal requests but still records them in Analytics.

WAF Protection Policy

MaxiSafe provides predefined WAF protection policies with various security levels, allowing administrators to apply rules based on security requirements.

  • Basic (Default Option) – Enforces fundamental protections against common web threats.
  • Standard – Expands rule coverage to include additional filtering mechanisms for increased threat mitigation.
  • Strict – Implements the most comprehensive security controls, reducing false negatives at the cost of higher sensitivity.
  • Basic Plus – Extends the Basic policy with additional AI-driven detection enhancements.
  • Standard Plus – Enhances the Standard policy with advanced heuristics and behaviour-based blocking.
  • Monitoring – Logs threat data without blocking traffic, useful for security audits and policy evaluation.
  • Balanced – Applies moderate security rules for testing and validation purposes, providing average detection sensitivity.
  • Breach and Attack Simulation (BAS) – Simulates real-world attack techniques to validate WAF performance and expose coverage gaps.
  • API-Specific – Tailored for API protection, focusing on threats that typically evade traditional web-focused WAF rules.

Selecting an appropriate WAF Protection Policy ensures the right balance between security enforcement and operational flexibility, reducing attack exposure while maintaining application availability.

Custom WAF Protection Policy

A custom policy lets users customise and manage the WAF protection policy based on the predefined templates.

  • Name and Description

  • Policy Templates: Select the template (Basic/Standard/Strict) to start customisation.

  • Rule Group: Select the rule group to be customised. Configure the scope of the rule being implemented.

  • Rules

    • Rule ID, Rule Name, Description, Risk Level and Security Level.
    • Enable/Disable – Switch the toggle to activate/disable the rule from WAF detection.
  • Action – Configure the action for the rule to either Block or Monitor when the rule is triggered.