---
sidebar_position: 1
---

# WAF

The WAF section allows you to manage CorazaWAF, a powerful Web Application Firewall integrated into OpenPanel.

Use this interface to enhance security by enabling protection against common web threats such as SQL injection, XSS, and other malicious behavior.

## Enable
Toggle the Web Application Firewall on or off.
When enabled, CorazaWAF actively inspects incoming requests and blocks suspicious activity based on configured rules.

## Rule Sets
Manage the rule sets that CorazaWAF uses to protect your applications.

**Active:** Displays the number of currently active rule sets (e.g., 21 / 23).

Click **Manage Rules** to enable or disable individual WAF rule sets according to your security needs.

The rule set table includes the following columns:

- **Name** – The name or identifier of the rule set.

- **Number of Rules** – Total number of rules contained within the set.

- **Status** – Indicates whether the rule set is currently enabled or disabled.

- **Actions** – Options to View rule details or Disable the rule set.

Properly configuring WAF rules helps maintain a balance between strong protection and minimizing false positives.