1. Home
  2. Guides
  3. Next-Gen WAF
  4. Using the Next-Gen WAF
  5. Sites (workspaces)

About sites (workspaces)

A site (also known as a workspace) is a single web application, bundle of web applications, API, or microservice that the Next-Gen WAF can protect from attacks. Sites (workspaces) contain various configurations that determine how Next-Gen WAF agents process incoming requests. These configurations enable request logging and blocking and define what type of requests should be allowed, logged, or blocked.

Every site (workspace) belongs to a corp (also known as a corporation or account). A corp (account) is a company hub for managing all sites (workspaces), account access permissions, and corp-level (account-level) configurations. Account access is authenticated against a corp (account) and members can be included from different sites (workspaces).

When defining the scope of your site (workspace), consider how you want to compartmentalize data, rules, and account access. For example, you may want to create sites (workspaces) based on an environment type (e.g., development, staging, and production) or region (e.g., APAC, EU, and US). Read our Managing sites guide for more information.

Monitoring your site (workspace)

You can monitor the traffic and performance of your site (workspace). For example, you may want to:

  • view high-level site (workspace) metrics organized into multiple dashboards.
  • reference a list of individual requests that have been tagged with signals.
  • track IP addresses that have been or will be flagged soon or review a historical record of all flagged IP addresses within the last 30 days.
  • view a summary of the status and performance of the agent. Note that this feature is only available to Next-Gen WAF customers with access to the Next-Gen WAF control panel.

Site Summaries table

IMPORTANT: This feature only applies to Next-Gen WAF customers with access to the Next-Gen WAF control panel.

Click the name of your corp in the upper left corner of the control panel to navigate to the Corp Overview page. The Site Summaries table on the Corp Overview page highlights the most frequent attack types and attack sources (e.g., the regions where the attacks originated) for each site. You can use a search bar to filter the table by site and the site menu to view all sites, sites with attack requests, or sites without attack requests. The table contains these columns:

  • Site: the name of the site and the total number of requests the site has received.
  • Requests with Attack Signals: the top number represents the number of requests that were blocked due to threshold configurations (i.e., site alerts or templated rules). The bottom number represents the number of requests that have at least one attack signal.
  • Attack Signals: the most frequent attack types for that site.
  • Countries: the top three regions where the attacks originated.
  • Flagged IPs: the number of IP addresses that were flagged due to exceeding set thresholds in the specified time period.
Fastly
© Fastly 2025