Thanks for your feedback!
EDIT
You can use WAF to secure APIs. WAF must be contracted by the customer. WAF management will also be the customer’s responsibility. In a macro way, the activation process is:
Change DNS for WAF provider
Configure WAF provider upstream for DNS ALIAS
It is important that WAF maintains the host header of the original request (default behavior in most vendors)
When using WAF, TLS termination will occur at the WAF layer itself. |
The diagram below represents the use of API Platform with WAF:
Share your suggestions with us!
Click here and then [+ Submit idea]