---
title: Managing sites (workspaces)
summary: null
url: https://www.fastly.com/documentation/guides/next-gen-waf/managing-sites
---


A site (workspace) is a user-defined collection of rules and settings that govern how the Next-Gen WAF processes and handles incoming requests to your web application or origin server. Using this collection of rules and settings, you can [adjust the protection](/guides/next-gen-waf/getting-started/start-here/#adjust-the-protection-and-data-privacy) of your web application or origin server, ensuring the WAF blocks malicious traffic and allows legitimate requests.

Every site (workspace) belongs to a corp (also known as a corporation or account). The corp (account) acts as the company hub for adding and deleting sites (workspaces), applying configurations across multiple sites (workspaces), and controlling user access. Users are authenticated against a corp (account) and can be members of different sites (workspaces) in that corp (account).

![Diagram of a corp (account) with three sites (workspaces) and six users. User 1 has access to all sites (workspaces). Users 2 and 3 only have access to site 1 (workspace 1). User 4 has access to site 2 (workspace 2) and site 3 (workspace 3). User 5 only has access to site 2 (workspace 2). User 6 only has access to site 3 (workspace 3).](/img/ngwaf/corp-site-diagram.png)

## Adding sites (workspaces)

You can create multiple sites (workspaces) to help differentiate and protect various APIs, microservices, and web applications. When defining the scope of your site (workspace), consider how you want to compartmentalize data, rules, and account access. For example, you may want to create sites (workspaces) based on an environment type (e.g., development, staging, and production) or region (e.g., APAC, EU, and US).

> **HINT:** By default, your corp (account) has a limited number of sites (workspaces). If you need more, [contact support](https://support.fastly.com) for assistance.

To add a site (workspace), follow these steps:

<!-- TabbedPanels component: 
<Panel id="next-gen-waf-control-panel">

1. <Partial name='step-ngwaf-login' inline />
1. From the corp navigation bar, click the **Corp Manage** menu and then select **Sites**.
1. Click **Add site**.
1. In the **Display name** field, enter a friendly name for the new site. The display name determines how the site is listed on the Site Overview page and the site select selector menu.
1. In the **Short name** field, enter a short name for the new site. The short name is used in URLs and the API (e.g., `https://dashboard.signalsciences.net/corps/SHORT-NAME/`).

</Panel>
<Panel id="fastly-control-panel">

1. <Partial name='step-login' inline />
1. <Partial name='step-ngwaf-click-workspaces' inline />
1. Click **Add Workspace**.
1. In the **Name** field, enter a friendly name for the new workspace.
1. In the **Description** field, enter a description of the workspace.
1. Click **Add Workspace**.

</Panel>
 -->

## Editing sites (workspaces)

To edit a site (workspace), follow these steps:

<!-- TabbedPanels component: 
<Panel id="next-gen-waf-control-panel">

1. <Partial name='step-ngwaf-login' inline />
1. From the corp navigation bar, click the **Corp Manage** menu and then select **Sites**.
1. Click the name of the site that you want edit.
1. Fill out the fields on the **Name** form as follows:
   * In the **Display name** field, enter a friendly name for the site. The display name determines how the site is listed on the Site Overview page and the site select selector menu.
   * In the **Short name** field, enter a short name for the site. The short name is used in URLs and the API.
1. Click **Update**.
1. Click the **Agent Configurations** tab.
1. Fill out the Agent Configurations form as follows:
   * From the **Agent mode** menu, select the [agent mode](/guides/next-gen-waf/about-the-agent-mode/) for the site.
   * From the **IP anonymization** menu, select **Disabled** to not anonymize IP addresses or select **Enabled** to [convert IP addresses into anonymized IPv6 addresses](/guides/next-gen-waf/data-storage-and-privacy/anonymizing-ip-addresses/).
   * In the **Client IP headers** area, add a [header](/reference/ngwaf/agent-config#agentcfg_client-ip-header) by clicking **Add header** and then entering the name of the header in the **Header** field. Remove a header by clicking **Delete header** to the right of a header name.
   * In the **Blocking response code** field, enter a [default blocking response code](/guides/next-gen-waf/agent-response-codes/using-custom-agent-response-codes/#changing-the-sites-workspaces-blocking-response-code) for the site. All blocking actions will return the site default blocking response code unless a different response code is specified in a rule. Supported response codes are 301, 302, and 400-599.
   * *(Optional)* If you entered `301` or `302` in the **Blocking response code** field then, in the **Redirect URL** field, enter the absolute or relative URL of the redirect location. See [Using redirect custom response codes](/guides/next-gen-waf/agent-response-codes/using-custom-agent-response-codes/#using-redirect-custom-agent-response-codes).
1. Click **Update**.
1. Click the **Users** tab.
1. [Manage the users](/guides/next-gen-waf/account-info/managing-users/) assigned to the site.

</Panel>
<Panel id="fastly-control-panel">

1. <Partial name='step-login' inline />
1. <Partial name='step-ngwaf-click-workspaces' inline />
1. <Partial name='step-ngwaf-access-workspace-settings' inline />
1. Update the settings located on the following tabs as needed:
   * On the **General** tab, update the **Name** and **Description** fields, then click **Update**.
   * On the **Protection mode** tab, update the [protection mode](/guides/next-gen-waf/about-the-agent-mode), then click **Update**.
   * On the **Attack thresholds** tab, adjust the [attack thresholds](/guides/next-gen-waf/thresholds/configuring-attack-thresholds), then click **Update**.
   * On the **Virtual patches** tab, enable and disable [CVE virtual patch signals](/guides/next-gen-waf/virtual-patches-for-cves/).
   * On the **IP anonymization** tab,  select **Disabled** to avoid anonymizing IP addresses or select **Enabled** to convert IP addresses into [anonymized IPv6 addresses](/guides/next-gen-waf/data-storage-and-privacy/anonymizing-ip-addresses/). Then click **Update**.
   * On the **Redactions** tab, manage your [custom redactions](/guides/next-gen-waf/data-storage-and-privacy/redacting-data#custom-redactions).
   * On the **Custom response codes** tab, enter a [default blocking response code](/guides/next-gen-waf/agent-response-codes/using-custom-agent-response-codes/#changing-the-sites-workspaces-blocking-response-code). All blocking actions will return the default blocking response code unless a different response code is specified in a rule. Supported response codes are 301, 302, and 400-599.
   * On the **Client IP headers** tab, add or delete [client IP headers](/guides/next-gen-waf/client-ip-addresses/).
   * On the **Alerts** tab, manage your [alerts](/guides/next-gen-waf/integrations/integrations-intro), which notify you when select Next-Gen WAF activity occurs.
   * On the **Header Links** tab, manage your [header links](/guides/next-gen-waf/header-links/), to cross-reference Next-Gen WAF data with your own internal systems.

</Panel>
 -->

## Monitoring sites (workspaces)

You can monitor the traffic and performance of your site (workspace). For example, you may want to:

* view high-level site (workspace) metrics organized into multiple [dashboards](/guides/next-gen-waf/monitoring/monitoring-with-system-generated-dashboards#working-with-site-workspace-dashboards).
* reference a list of individual [requests](/guides/next-gen-waf/monitoring/monitoring-requests) that have been tagged with signals.
* [track IP addresses](/guides/next-gen-waf/monitoring/monitoring-flagged-sources) that have been or will be flagged soon or review a historical record of all flagged IP addresses within the last 30 days.
* view a summary of the status and performance of the [agent](/guides/next-gen-waf/monitoring/monitoring-the-agent/).

<!-- TabbedPanels component: 
<Panel id="next-gen-waf-control-panel">

### Site Summaries table

Click the name of your corp in the upper left corner of the control panel to navigate to the [Corp Overview page](/guides/next-gen-waf/monitoring/monitoring-with-system-generated-dashboards/#corp-overview-dashboard). The Site Summaries table on the Corp Overview page highlights the most frequent attack types and attack sources (e.g., the regions where the attacks originated) for each site. You can use a search bar to filter the table by site and the site menu to view all sites, sites with attack requests, or sites without attack requests. The table contains these columns:

* **Site**: the name of the site and the total number of requests the site has received.
* **Requests with Attack Signals**: the top number represents the number of requests that were blocked due to [threshold configurations](/guides/next-gen-waf/thresholds/about-threshold-configurations). The bottom number represents the number of requests that have at least one attack signal.
* **Attack Signals**: the most frequent attack types for that site.
* **Countries**: the top three regions where the attacks originated.
* **Flagged IPs**: the number of IP addresses that were flagged due to exceeding set thresholds in the specified time period.

</Panel>
<Panel id="fastly-control-panel">

### Workspace summary table

The [Account overview dashboard](/guides/next-gen-waf/monitoring/monitoring-with-system-generated-dashboards/#account-overview-dashboard) gives you access to the Workspace summary table. The Workspace summary table highlights the most frequent attack types and attack sources (e.g., the regions where the attacks originated) for each workspace.

To access the Workspace summary table:

1. <Partial name='step-login' inline />
1. <Partial name="step-ngwaf-click-dashboards" inline />
1. <Partial name="step-ngwaf-select-account" inline />

The Workspace summary table contains these columns:

* **Workspace**: the name of the workspace.
* **Requests w/ attack signals**: the top number represents the number of requests that were blocked due to [threshold configurations](/guides/next-gen-waf/thresholds/about-threshold-configurations). The bottom number represents the number of requests that have at least one attack signal.
* **Attack signals:** a list of the attack signals that made up the most attacks to the workspace and their corresponding percentage of the total.
* **Countries**: the top three regions where the attacks originated and their corresponding percentage of the total.
* **Flagged IPs**: the number of IP addresses that were flagged due to exceeding set thresholds in the specified time period.

</Panel>
 -->

## Deleting sites (workspaces)

If you've been assigned the role of [owner](/guides/next-gen-waf/account-info/using-user-roles-and-permissions/) (superuser), you can delete sites (workspaces) in your corp (account).

### Limitations and considerations

A site (workspace) cannot be deleted if it:

* is the site (workspace) you are currently accessing in the control panel
* is the last site (workspace) remaining for the corp (account)
* has users that aren't members of any other sites (workspaces)

If you would like to delete a site (workspace) meeting any of the conditions listed above, reach out to our [support team](https://support.fastly.com).

### Deleting a site (workspace)

To delete a site (workspace), follow these steps:

<!-- TabbedPanels component: 
<Panel id="next-gen-waf-control-panel">

1. <Partial name='step-ngwaf-login' inline />
1. From the corp navigation bar, click the **Corp Manage** menu and then select **Sites**.
1. Click the name of the site that you want to delete.
1. Click **Delete site**.
1. Review the warnings associated with deleting a site and select **I understand the consequences of deleting a site**.
1. Click **Delete**.

</Panel>
<Panel id="fastly-control-panel">

1. <Partial name='step-login' inline />
1. <Partial name='step-ngwaf-click-workspaces' inline />
1. Click the gear <span class="inline-icons"><img src="/img/icons/gear.png" alt="Gear icon" /></span> next to the workspace that you want to delete.
1. Click **Delete workspace**.
1. Enter the name of the workspace as a means of verifying that you want to permanently delete the workspace, then click **Delete**.

</Panel>
 -->

## Related content

* [Using an API with the Next-Gen WAF](/guides/next-gen-waf/developer/using-an-api-with-the-next-gen-waf)