Our Cloud’s Web Application Firewall (WAF) leverages the NGINX Modsec module paired with an internally managed set of rules. Protected by our Web Application Firewall (WAF), a Layer 7 security protocol that continuously monitors, detects, filters, and blocks malicious activity while allowing legitimate HTTP traffic to pass seamlessly.
It safeguards your web applications against common application-layer attacks such as cross-site scripting (XSS), cross-site request forgery (CSRF), cookie poisoning, file inclusion, and SQL injection, among others.

Blocked requests may receive a 406 Not Acceptable HTTP response stating the following.

406 Not Acceptable
Not Acceptable. Our sentries tell us that you should not be doing this.

Website owner? If you think you have reached this message in error, please contact support.

Reporting WAF Issues & False Positives

If it is determined that Modsec may be breaking legitimate functionality or false positives are present, please reach out to CloudyShaper for support.