WAF DDoS Guard


Please note that any website can be subject to DDoS attacks and hacking. To protect yourself against hacking, you first need to protect the website at the network level (L3-L4), then at the website level (L7), and then enable Web Application Firewall. Learn more about website protection provided by DDoS Guard. Web Application Firewall (WAF) is used to protect websites (applications, web resources) from targeted attacks that exploit application vulnerabilities.

WAF helps detect and block attacks from the OWASP Top 10 threat list.

Technical Implementation

All connections to the protected applications pass through filtering nodes. The nearest node is located in St. Petersburg.

The web application firewall (WAF) analyzes and cleans traffic at the application protocol layer HTTP/HTTPS, DNS, and so on, taking into account the characteristics of a particular application.

WAF provided by DDoS Guard is PCI DSS compliant, which helps prevent the theft of critical corporate data and protect customer information, as well as reduces the risk of your IT infrastructure being used to attack other companies.


A test period of 2 weeks is provided when enabling the service.

The service is provided depending on the selected legitimate traffic package. The prices are provided on our website.

The selected traffic packet includes a certain number of RPS (requests per second). Approximately 1 RPS equals 0.4 Mbps.

Please note that for traffic overconsumption, an additional payment is charged according to actual consumption. The cost per RPS for overconsumption depends on the selected package.

The maximum port load for the billing period is calculated as follows:

  • the value of the volumes of incoming and outgoing traffic is taken with an interval of 300 seconds;
  • the maximum value of the two volumes of transmitted data is selected and divided by the duration of the time interval when the volume of incoming and outgoing traffic was measured;
  • at the end of the billing period, the maximum speed values the total duration of which is equal to 5% of the duration of the reporting period, are discarded from the resulting series of values;
  • the maximum port load is defined as the maximum value of the remaining speed values, rounded to RPS with an accuracy of 2 decimal places.

Enabling the Service

When connecting WAF DDoS Guard, you need to enable Anti DDoS protection. We recommend enabling application protection at the network level with the Normal tariff, otherwise you will be assigned a dynamic IP address, which is less secure and will not ensure the correct operation of the WAF service.

Follow these steps to enable WAF DDoS Guard in the Control panel:

  1. Go to the Network Services section and open the Anti DDoS tab.
  2. Click Order services.
  3. In the list that opens, select the required service according to the selected tariff and click Pay.
  4. Specify the payment period in the new window.
  5. Click Pay for Service.

Service Usage

The login and password for your DDoS Guard personal account will be sent to the email specified when enabling the service.

In your account:

  • you can find graphs and tables of incidents and information about any attempts to exploit vulnerabilities;
  • you can adjust the sensitivity of incident detection;
  • you can disable some filtering rules.

The WAF service supports the following modes:

  • monitoring is disabled;
  • only detection is enabled;
  • lock mode.

Disabling the Service

To disable the service, create a ticket with a request at least 30 days before the planned deactivation.

The amount of the subscription fee is fixed and doesn’t depend on the term of the provision of the services in a specific billing period.

Please note that you will receive a notification in the ticket after service deactivation. By agreement, the service can be disabled from the first day of the next calendar month. The subscription fee for the current period is not refundable.