API
The Gcore Customer Portal is being updated. Screenshots may not show the current version.
Web Application Security
Web Application Security
BillingCreate protected resourceUse Web Application Security and CDNConfigure protection settingsAdd an SSL certificateRate LimiterSet the Access PolicyDeny accessSet the X-Forward-For headerCheck reports
View eventsCreate rulesRule typesManage triggersSettings
How do I change an A record?What criteria do you analyze?I see lots of requests from several IPs. Could this be an attack?I changed my A record long time ago, but you are not filtering it. What to do?Attackers have found out my origin IP and are attacking it directly. What should I do? directly. What should I do?Who is attacking us?Will a blacklisted user get unblocked after a particular time?During a DDoS attack, we changed your IP address, but we still have problems with the performance. Why?Do you protect against attacks targeted at DNS?Can you disable the protection for some time for the entire site or certain parts of the site?How long does the service enabling take?Which web crawlers doesn't your service block?Force an IP banGet all banned IP addresses for all resourcesRenew SSL certificates
API
Chosen image
Home/Web Application Security

Web Application Security

Welcome to the Gcore Web Application Security documentation page! Here we explain how to use, configure, and troubleshoot Gcore’s security features.

Web Application Security protects your web applications against DDoS attacks, hacking threats, and malicious bot activities.

From the left-side menu, you can access in-depth documentation about Web Application Security:

  • Billing – how the service is billed
  • Create protected resource – integrate your web application
  • Use Web Application Security and CDN – use Web Application Security with Gcore CDN
  • Configure protection settings – configure additional protection settings
  • Add an SSL certificate – add a custom SSL certificate, purchase a Let’s Encrypt installation
  • Rate Limiter – configure bot protection
  • Set the access policy – set the country and IP access policy
  • Deny access – restrict access except to trusted IPs and Gcore subnets
  • Set the X-Forward-For header – collect visitor IPs
  • Check reports – view service reports
  • Manage WAF – manage functions of Web Application Firewall, including events, rules, notifications
  • FAQ – short answers to the most popular user questions

If you have any questions or if there is a security-related topic that you think we’re missing, please leave a comment and our content team will address it.

Was this article helpful?

Not a Gcore user yet?

Discover the all-in-one Web security solution by Gcore

Go to the product page
// // Initialize a variable to undefined initially. // var growthBook = undefined; // (function() { // try { // var script = document.createElement('script'); // script.src = "https://cdn.jsdelivr.net/npm/@growthbook/growthbook/dist/bundles/auto.min.js"; // script.setAttribute("data-api-host", "https://cdn.growthbook.io"); // script.setAttribute("data-client-key", "sdk-truekA5wvhMYaqsu"); // document.head.appendChild(script); // script.onload = function() { // console.log("GrowthBook script loaded successfully."); // growthBook = window.GrowthBook; // Assuming GrowthBook attaches itself to window // }; // script.onerror = function() { // console.error("Failed to load the GrowthBook script."); // growthBook = undefined; // Explicitly set to undefined on error // }; // } catch (error) { // console.error("An error occurred while setting up the GrowthBook script:", error); // growthBook = undefined; // } // })(); // // Optional: Push to dataLayer if needed // window.dataLayer = window.dataLayer || []; // window.dataLayer.push({ // 'event': 'scriptLoadStatus', // 'growthBookStatus': growthBook ? "Loaded" : "Failed" // });