Overview

F5 WAF for NGINX (formerly NGINX App Protect WAF) is an advanced, lightweight and high-performance web application firewall (WAF) for applications and APIs.

It protects against the OWASP Top 10 and adds the following functionality:

  • HTTP response inspection and protocol compliance
  • Data schema validation (JSON & XML)
  • Meta character checking
  • Disallowing file types

For more details, see the Supported security policy features.

It is platform-agnostic and supports a range of deployment options:

  1. Virtual machine or bare metal
    • NGINX and WAF components operate on the host system
    • Ideal for existing NGINX virtual environments
  2. Kubernetes
    • Integrates NGINX and WAF components in a single pod
    • Ideal for scalable, cloud-native environments
  3. Docker
    • NGINX and WAF components are deployed as containers
    • Ideal for environments with multiple deployment stages

For more details, see the Technical specifications.

F5 WAF for NGINX is part of the NGINX One premium packages and runs natively on NGINX Plus and NGINX Ingress Controller.