WAAP

Welcome to the Gcore Web Application and API Protection (WAAP) documentation page! Here, we explain how to use, configure, and troubleshoot Gcore’s Web Application and API Protection services.

Our WAAP combines all aspects of website security and traffic management, including Layer 7 DDoS protection, web application firewall, and API protection. With the help of built-in custom rules, advanced behavioral analytics, and a range of available customization options, Gcore WAAP protects your domains against known vulnerabilities and common exploits.

From the left-side menu, you can access in-depth documentation about WAAP:

• About WAAP - read how WAAP works and about its key components.
• Billing – check the available package options.
• Getting started – integrate WAAP with your domain.
• WAAP policies – view of the list of pre-configured security policies.
• Analytics - get detailed statistics on web requests and the history of DDoS attacks.
• IP security – inspect IP addresses and add them to block or allow lists.
• API discovery and protection – identify potential APIs and secure API endpoints.
• WAAP rules – use custom and advanced rules to manage incoming traffic.
• Response pages – configure pages for access restrictions, block operations, and security validations.
• L7 DDoS protection – protect your application against L7 DDoS attacks.
• FAQs – check answers to the commonly asked questions about our product.
• Troubleshooting – address common issues related to WAAP.