WAF
The WAF section allows you to manage CorazaWAF, a powerful Web Application Firewall integrated into OpenPanel.
Use this interface to enhance security by enabling protection against common web threats such as SQL injection, XSS, and other malicious behavior.
Enable​
Toggle the Web Application Firewall on or off. When enabled, CorazaWAF actively inspects incoming requests and blocks suspicious activity based on configured rules.
Rule Sets​
Manage the rule sets that CorazaWAF uses to protect your applications.
Active: Displays the number of currently active rule sets (e.g., 21 / 23).
Click Manage Rules to enable or disable individual WAF rule sets according to your security needs.
The rule set table includes the following columns:
Name – The name or identifier of the rule set.
Number of Rules – Total number of rules contained within the set.
Status – Indicates whether the rule set is currently enabled or disabled.
Actions – Options to View rule details or Disable the rule set.
Properly configuring WAF rules helps maintain a balance between strong protection and minimizing false positives.