Stanford UniversityRequest a Site
Winter Closure:

Please note that site launches will pause in advance of Stanford's Winter Closure. The last day to launch in 2025 will be Tuesday, December 16, 2025. Launches will resume on January 5, 2026.

Learn more about launching your site
Stanford Sites User Guide

Web Application Firewall (WAF)

UIT has engaged with Acquia to implement the Acquia Cloud Edge Web Application Firewall (WAF) and Content Delivery Network (CDN). Anonymous users should experience faster load times for cached content, particularly from locations farther away from the AWS US-West region (e.g., India, Africa, and so forth). Sites benefit from increased performance and stability, as this service adds an additional layer of caching, distributed asset delivery, and protection from malicious actors.

Benefits

Performance Enhancement

The Acquia Cloud Edge WAF and CDN ensure optimal performance by delivering cached content with reduced latency. Anonymous users experience quicker load times, especially for content accessed from geographically distant regions, such as India and Africa.

Security Enhancement

This implementation adds an extra layer of caching and asset delivery, leading to improved performance and stability. Furthermore, the Web Application Firewall (WAF) provides enhanced security by protecting your site against malicious actors, helping to safeguard your data and ensure a safe browsing experience for your users. Additionally, by blocking malicious, high-volume traffic at the edge, the WAF leads to improved stability for sites on shared infrastructure.

Implementation Status

UIT, in collaboration with Acquia, has already successfully implemented the Acquia Cloud Edge WAF and CDN on more than 900 production sites. 

Accessibility Benefit

A notable advantage of adopting Acquia Cloud Edge is that websites hosted on this platform can be scanned directly by Siteimprove. This streamlines the process of identifying and addressing accessibility issues, contributing to a more inclusive online experience for all users.

Effect on publishing new content

Important note

The WAF caches content to create a better experience for your site. This means that there is a delay of up to 5 minutes before newly created content or content changes appear to site visitors.

The WAF does not have any effect on the display of content for users who are logged in as editors.

Troubleshooting

Occasionally the WAF may block valid traffic. You may see two different triggered error pages, WAF blocking and Penalty Box. 

WAF block 

Something went wrong! If you feel that you have reached this page in error, please submit a help request with the date, time, and URL where you received this error message.

If you see this error message, you have been blocked as malicious traffic. This can happen for a variety of reasons. The most common of which is that you meet some criteria that we have blocked intentionally. To become unblocked, please file a help request with as much information as you can provide about what you were doing. This will help us refine our firewall rules.

Penalty Box

Something went wrong! We have detected unusual requests from you. Please try again in 10 minutes. If you feel that you have reached this page in error, please submit a help request with the date, time, and URL where you received this error message.

If you see this error message, you have been blocked as potentially malicious traffic. The Penalty Box error page gets triggered when you (or someone at your IP address) have triggered the WAF through a serious of unusual (but not necessarily malicious) requests. The Penalty Box applies to your IP address across the entirety of all sites on the WAF for 10 minutes. This error will clear up after 10 minutes. If you get put in the Penalty Box a second time, file a help ticket and let us know what you were doing when you triggered the error.

Related policies