Next-Gen WAF

These articles explain how to use the Fastly Next-Gen WAF (powered by Signal Sciences).

What's new

Learn about recently released features and products.

Upcoming session timeout standardization To help you increase your security posture on the Fastly platform, starting Q1 2024 all users will…

Read more

Getting started

These articles provide basic information about the Next-Gen WAF product and architecture.

Welcome! This guide provides a high-level overview of the steps needed to set up and configure the Next-Gen WAF product. Guided by our Sales…

Read more

The Next-Gen WAF is an application security monitoring system that proactively monitors and protects your web application from malicious…

Read more

Install guides

These articles explain how to install and configure the Next-Gen WAF.

Agent-only deployment

These articles describe the agent-only deployment options.

Cloud WAF deployment

These articles describe how to use Cloud WAF.

PaaS deployment

These articles describe set up and deployment of the Signal Sciences agent using one of our compatible Platform as a Service (PaaS) platforms.

Next-Gen WAF supports multiple installation methods. You can use Fastly’s Edge Cloud Platform , hosted Cloud WAF solution, or you can…

Read more

The Edge deployment method allows you to add the Next-Gen WAF as an edge security service onto Fastly's Edge Cloud platform without needing…

Read more

When deployed in a self-hosted deployment, the Next-Gen WAF agent requires egress to multiple external endpoints to facilitate actions (e.g…

Read more

Processors We support the following processors: Intel. All agent and module versions are compatible with Intel processors. AMD. All agent…

Read more

Agent The Signal Sciences agent supports different combinations of operating systems and architecture types. Download the latest version of…

Read more

Using the Next-Gen WAF

These articles provide information about working with the Next-Gen WAF web interface.

Agent mode

These articles describe how to set the Agent mode on the Signal Sciences agent.

Agent response codes

These articles describe how to set custom agent response codes on the Signal Sciences agent.

Data storage and privacy

These articles describe how we store and make available request and response data via the web interface and API.


These articles describe how to work with signals.


These articles describe how to work with sites (also known as workspaces).

Header links facilitate cross-referencing Next-Gen WAF data with your own internal systems via a hyperlink. We currently support linking…

Read more

Site alerts monitor and handle requests from IP addresses that have been tagged with specific signals. Specifically, when the number of…

Read more


These articles explain how to work with the Next-Gen WAF API.

Our entire console is built API-first — this means that anything we can do, you can do as well via our RESTful/JSON API . We’ve seen…

Read more

Next-Gen WAF stores requests that contain attacks and anomalies, with some qualifications. If you would like to extract this data in bulk…

Read more

This document demonstrates various data flows between the Module and Agent. While MessagePack is the serialization protocol, the data is…

Read more

X-SigSci- headers are added to incoming requests. The end user (your customers) can't see them. However, your internal application can use…

Read more


These articles provide answers to frequently asked questions.

StatsD Metrics Metrics can be reported through StatsD to the service of your choice using the statsd-address agent configuration flag…

Read more

Often the server being protected is behind a load balancer or other proxy. In this case, the server will see this load balancer or proxy IP…

Read more

Fastly Security Labs is a program that grants your corp access to in-development beta features. In addition to early access to these…

Read more

Fastly provides full support for IPv6 in the product, including: Detection and decisioning: Requests are appropriately tagged and IPv…

Read more


These articles describe how to troubleshoot common problems.

My data is not showing in the console but the agent and module are running If both the agent and module are reporting as active within the…

Read more

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security…

Read more

Apache module fails to load ( The following information has been confirmed for RHEL/CentOS deployments using the default yum module…

Read more


These articles provide reference information for Next-Gen WAF.

Term Definition Admin A user role that has limited access to corp configurations, can edit specific sites, and can invite users to sites…

Read more

Free Text In many cases, you can just enter a free-text query. Example Description /a/path/here sqli -7h Show all SQLI in last 7 hours with…

Read more