WEBSITE
SERVER
VIETNAM SERVERS

Dedicated Server Vietnam
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Colocation Vietnam
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server MMO
Best solution for running MMO tools

Data Transmission & Internet Services
Fast, stable and cost-effective connection.

Server Solution
Video streaming, Cluster database, Web Cluster

Full-Service Management
Optimize time and human resource costs
OFFSHORE servers

Dedicated Server US
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Korea
Tier 4 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Singapore
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Thailand
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Cambodia
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Canada
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support
OFFSHORE servers

Dedicated Server Malaysia
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Indonesia
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Philippines
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server Laos
Tier 3 DC - 99.9% Uptime - 24/7 Tech Support

Dedicated Server India
Tier 4 DC - 99.9% Uptime - 24/7 Tech Support
IP ADDRESS
Địa chỉ IP Việt Nam

Vietnam IP Address
High Quality. Fast Speed. No Subnet Bans

US IP Address
High Quality. Fast Speed. No Subnet Bans
Địa chỉ IP châu Á

Korea IP Address
High Quality. Fast Speed. No Subnet Bans

Singapore IP Address
High Quality. Fast Speed. No Subnet Bans
Địa chỉ IP châu Á

Thailand IP Address
High Quality. Fast Speed. No Subnet Bans

Cambodia IP Address
High Quality. Fast Speed. No Subnet Bans
CLOUD
PUBLIC CLOUD

Cloud Server Standard
SSD-Cloud Storage-Ceph - CPU Intel Xeon E5

Cloud Server High-Memory
SSD-Cloud Storage-Ceph - CPU Intel Xeon E5
PRIVATE CLOUD

Private Cloud
Distributed Storage - Independent cloud infrastructure
CLOUD BACKUP

Cloud Backup
Instant backup and restore mechanism

VM Backup & Recovery
Easy-to-use & Powerful VM Backup Software

Veeam Data Platform
Data Security, Data Recovery, and Data Freedom

Object Storage
Large storage capacity - Compatible with S3 API
ALIBABA CLOUD
ALIBABA CLOUD PARTNER

Alibaba Cloud ECS Pricing
We offer you cost effectiveness

Elastic Compute Service
High-performing virtual servers

Simple Application Server
Cloud-based and lightweight servers

CloudBox
Extending Public Cloud Services to Local Devices

Server Load Balancer
Network/Application Load Balancer

Elasticsearch
Alibaba Cloud open-source Elasticsearch

Alibaba Cloud Partner
VinaHost is an official partner of Alibaba Cloud
ALIBABA CLOUD ECS

CDN
Speed up file distribution to end-users

DCDN
Dynamic Content Delivery Network

Elastic IP Address
Independent IP Resources

Edge Node Service (ENS)
All-in-one edge service
STORAGE

Object Storage Service
Enterprise-ready Object Storage Service

Container Service For Kubernetes
Integrates virtualization, storage, networking & security capabilities
ALIBABA CLOUD CDN

Anti-DDoS Service
Intelligent DDoS Protection & Mitigation Service

Web Application Firewall (WAF)
Protects your websites and web servers
DATABASE

ApsaraDB RDS
Stable, reliable, cost-effective, and scalable online database service
VPS
VIETNAM VPS

Cheap VPS VietNam
SSD Disk Drives, CPU E5v3, IOPS 21k / 7k7

Pro VPS SSD
SSD Disk Drives, CPU E5v4, IOPS 42k / 14k

VPS NVMe
NVMe Disk Drives, CPU Platinum, IOPS 99k / 33k

VPS MMO
Best solution for running MMO tools

VPS Minecraft
SSD Disk Drives, CPU E5v3, IOPS 21k / 7k,
Unlimited Game Servers
Offshore VPS

Cloud VPS Singapore
KVM VPS - SSD NVMe - Free Backup - Tier 3 DC

Cloud VPS Thailand
KVM VPS - SSD NVMe - Free Backup - Tier 3 DC

Cloud VPS Cambodia
KVM VPS - SSD RAID 10 - Free Backup - Tier 3 DC

Cloud VPS Indonesia
KVM - Virtualizor -1 click activation - Free backup

Cloud VPS Laos
KVM - Virtualizor - Uptime 99.9% - Stable connection

Cloud VPS Malaysia
KVM VPS - Tier 3 DC - 1 click activation

Cloud VPS Germany
KVM VPS - SSD NVMe - Uptime 99.9% - Tier 3 DC
ADDITIONAL SERVICES

VPS Overview
Find the best VPS plan for your site at VinaHost

VPS Trial
7-day trial - Order at $5/Mo - Windows & Linux OS

VPS Management Service
We provide full service management for VPS

Snapshot-File Backup
Provides storage space for Server and VPS
CDN
HOSTING
VIETNAM HOSTING

Pro Hosting
Powerful With Intel Xeon Platinum & NVMe

Linux Hosting
Best hosting for PHP website

WordPress Hosting
Best hosting for WordPress website

Business Hosting
Best hosting for business website

Windows Hosting
Best hosting for ASP.net website
Offshore Hosting

Singapore Hosting
Best hoting in Singapore for PHP website
ADDITIONAL SERVICES

Database Hosting
Best hosting for managing database

SEO Hosting
Best Hosting for SEO with dedicated public IP

Reseller Hosting
Be our reseller - get more offers & support

Hosting + Domain .VN Combo
Buy more, save more with cheap combo!

Shared hosting support
We're ready 24/7. Call 19006046 for support!

Hosting Overview
Find the best web hosting plan for your site!
EMAIL
Business Email Hosting

Email Server
Dedicated Mail Server - Dedicated IP - Full control

Email Hosting
Own email domain - Gmail interface - No spam

Email Relay
No spam - 24/7 support - Dedicated IP

Email Filter
Receive email safely with spam/viruses filtering

Email Hosting + Domain .VN Combo
Buy more, save more with cheap combo
Email Marketing

Email Marketing
Launch your bulk email campaign in 3 mins

Send Effective Email Campaign
Prevent Emails from Going to Spam box
Microsoft 365 & Google Workspace

Microsoft 365
Easily share files, co-author in real time

Google Workspace
How teams of all sizes connect, create, and collaborate
DOMAIN
DOMAIN PRICING

VN Domain Registration
Buy .VN Domain and gTLDs with good price

Register Domain
Buy your domain now to get more online visibility

Transfer Domain
Transfer domain to us for better management

Domain Registration Guide
Guides to register, transfer & renew domain name
ADDITIONAL SERVICES

DNSSEC
DNS extensive security - Ensure domain reliability

Registry Lock
Prevent unauthorized use of domain name

WhoIs Protection
Protect private information of name – Anti spam, phishing

Pro DNS
Professional DNS by GeoIP, load balancing for applications

Dynamic DNS
Automatically update dynamic IP addresses
REGULATIONS, POLICIES

Guarantee Transfer Domain
Procedures for transferring the right to use domain

Terms & Conditions for .VN domain
Rules for registration and use of .VN domain

Terms & Conditions for GTLDS
Rules for registration and use of GTLDS

Domain Management Responsibilities
Responsibility of the domain registrant

Registration Forms
Registration Forms for domain name
.
SSL & SECURITY
SSL

GeoTrust SSL
Secure Website with GeoTrust SSL certificate – Start at $13.5/year

Sectigo SSL
Website security with Sectigo SSL certificate - Start at $13.5/year

SSL For IP
SSL solution for static Public IP address - Start at $19.5/year
SECURITY

WAF
Protect Web applications from security vulnerabilities, mitigate DDoS
TRIAL

Free WAF
Experience the free WAF security tool

What is SSL Certificate?
Encrypt online transaction data, get more reliability for website

CSR Online
Click to create a Certificate Signing Request online now
OTHERS
LICENSE

License
cPanel - DirectAdmin - Plesk Onyx License - Good Price
RESELLER

Reseller
Become VinaHost's reseller to get up to 30% discount
HARDWARE

Dell Server
Dell Servers & Accessories - High-end server - Good price

HP Server
HP Servers & Accessories - High-end server - Good price

Supermicro Server
Supermicro Servers & Accessories - High-end server - Good price
SOFTWARE

Software
Software development, testing and support

WAF SERVICE

Web Application Firewall (WAF) is a security tool designed to protect Web applications from cyberattacks by monitoring, filtering, and blocking suspicious access requests. WAF is capable of detecting and preventing many types of attacks such as SQL injection, cross-site scripting (XSS), and attacks that exploit security vulnerabilities in web applications. Unlike a regular firewall that only acts as a secure gateway between servers, WAF is an application security measure placed between the Web Client and the Web Server.

Protect Web applications from security vulnerabilities
Alerts and automatically prevents attacks
Detailed analysis and reporting of attacks

START FOR FREE

(*) 30-day money-back guarantee

dich vu waf

PRICING

WAF-Free

USD/Month

Suitable for: Small Website
Website: 1
Request / day: 10.000
Custom Rule quantity: None

WAF-1

8.50 USD/Month

Suitable for: Small Website
Website: 1
Request / day: 200.000
Custom Rule quantity: 5

WAF-2

21.25 USD/Month

Suitable for: Medium Website
Website: 1
Request / day: 1.000.000
Custom Rule quantity: 15

WAF-3

42.50 USD/Month

Suitable for: Medium-Large Website
Website: 1
Request / day: 2.500.000
Custom Rule quantity: 25

WAF-4

76.50 USD/Month

Suitable for: Medium-Large Website
Website: 1
Request / day: 5.000.000
Custom Rule quantity: 50

WAF-5

127.50 USD/Month

Suitable for: Large Website
Website: 1
Request / day: 10.000.000
Custom Rule quantity: Unlimited

Upgrade options

Additional (WAF-5 Package Only)

Add 1.000.000 requests/day	1 month	17.5 USD
Add 1.000.000 requests/day	3 months	52.5 USD
Add 1.000.000 requests/day	6 months	99.75 USD
Add 1.000.000 requests/day	12 months	189 USD
Add 1.000.000 requests/day	24 months	357 USD
Add 1.000.000 requests/day	36 months	535.5 USD

OVERVIEW

Service pack	WAF-Free	WAF-1	WAF-2	WAF-3	WAF-4	WAF-5
Price	USD/Month	8.50 USD/Month	21.25 USD/Month	42.50 USD/Month	76.50 USD/Month	127.50 USD/Month
Suitable for	Small Website	Small Website	Medium Website	Medium-Large Website	Medium-Large Website	Large Website
Website	1	1	1	1	1	1
Request / day	10.000	200.000	1.000.000	2.500.000	5.000.000	10.000.000
Custom Rule quantity	None	5	15	25	50	Unlimited
Badbot
Verify User
Community Blacklist
Layer 7 DDoS mitigation
Basic Authentication
Layer 4 DDoS mitigation
Geo DNS \| Failover
WAF Caching
	Order	Order	Order	Order	Order	Order

NOTE:

The above fees do not include 10% VAT.

Customers please contact the sales department directly or order / log in to the main service package management interface before ordering upgrade options and additional services.

OPERATING SYSTEMS

We support the installation of the following popular operating systems

MAIN FEATURES

Protect against security vulnerabilities

WAF monitors all traffic to and from web applications, filtering requests based on pre-configured security rules, helping protect web applications from common security vulnerabilities such as SQL injection, cross-site scripting (XSS), and other attacks.

Access control and authentication

WAF can be configured to control access and require user authentication before allowing access to sensitive resources.

DDoS attacks mitigation

Mitigate distributed denial of service (DDoS) attacks by filtering and limiting traffic.

Session and Cookie Management

WAF monitors and protects sessions and cookies to prevent attacks related to session hijacking and cookie tampering.

Easy to deploy and manage

Deploy quickly, helping businesses save time and resources. Flexible scalability, meeting the security needs of businesses in different stages of development.

Constantly updated

Regularly update security rules to respond to new threats, helping to maintain the highest level of protection for web applications.

Analysis and reporting

WAF provides detailed analysis and reporting tools on traffic and attacks, helping administrators better understand the security situation and take timely improvement measures.

Regulatory compliance

WAF helps businesses comply with security standards and regulations such as PCI DSS, GDPR, and others by providing the necessary protection mechanisms.

Easily integrates with other tools

WAF can integrate with other security and monitoring tools to provide a more comprehensive layer of system protection.

See more features

WAF SERVICE

Web application security
Easy to deploy and manage
Investigate and analyze incidents

WEB APPLICATION FIREWALL – WAF

Q&A

1. What types of attacks can WAF prevent?

WAF can prevent many types of attacks such as:

Attacks exploit security vulnerabilities on websites
Denial of service attack

2. What is the difference between a WAF and a traditional firewall?

Traditional firewalls protect networks at the network and transport layers, while WAF protect web applications at the application layer.

3. How to configure WAF effectively?

WAF at VinaHost already has a set of OSWAP rules, automatically responding to attacks according to the customer’s desired level. Ability to self-update and prevent IP blacklist early. WAF provides a custom rule system with many customization options such as header, url, source, method,… to customize for each website.

4. Does WAF help comply with security standards?

Yes, WAF works on website security standards such as OSWAP rule sets and common attack methods. WAF does not modify any header information between the server and client.

5. My website is not hosted at VinaHost, can I use WAF service?

Yes, your website will be protected no matter where the web server is located in the world.

What is WAF?

dich vu waf

WAF (Web Application Firewall) is also known as Web Application Firewall. WAF helps protect web applications by filtering and monitoring HTTP traffic between the web application and the Internet. Thanks to that, WAF can resist SQL Injection, Cross Site Scripting (XSS) or Cross-site Request Forgery – CSRF (Cross-site request forgery) attacks.

Deploying a WAF means you put a layer of protection between your web application and the Internet. Just as a proxy server protects a user’s identity by acting as an intermediary, a WAF is a type of reverse proxy, protecting a web server. The WAF inspects and filters traffic before it reaches the server, ensuring that only safe traffic is allowed through.

Mechanism of action of WAF

WAF operates at the application layer (Layer 7) of the OSI model. All incoming client requests and outgoing server responses pass through the WAF, allowing any traffic that violates security policies to be analyzed and blocked.

WAF uses the following strategies to filter traffic:

Active security model: Includes clearly defining allowed patterns and behaviors, allowing only known legitimate traffic and denying any other patterns, enhancing security through a list approach white.
Negative security model: This model identifies and blocks known malicious patterns, assumes that any traffic matching predetermined attack patterns is malicious, and denies access, providing grant security through blacklist method.
Advanced capabilities: Leverage machine learning and AI algorithms on potential threats to proactively defend against sophisticated threats.

Compare WAF and traditional Firewall

Below is a comparison between Web Application Firewall (WAF) and traditional Firewall

	WAF	Traditional Firewall
Protection goal	Protect web applications from attacks that target application-layer vulnerabilities, such as SQL injection, cross-site scripting (XSS), and remote file inclusion.	Protect networks and devices by controlling traffic at the network and transport layers, preventing attacks such as IP spoofing, DDoS, and protocol-based attacks.
Method of operation	Monitor and analyze HTTP/HTTPS traffic, applying security rules to filter and block malicious requests directed to web applications.	Inspect and control network traffic based on IP addresses, ports, and protocols to prevent unauthorized access and protect network services.
Protection ability	Specialized for web applications, capable of detecting and preventing attacks based on security vulnerabilities in the source code and web user interface.	Overall protection of the network and network services, attacks targeting specific application vulnerabilities cannot be detected.

In short, WAF and traditional Firewall complement each other, providing a comprehensive layer of protection for both networks and web applications.

Types of attacks that WAF can prevent

dich vu waf

Web Application Firewall (WAF) has the ability to prevent many types of cyber attacks targeting web applications. Here are some common types of attacks that WAF can prevent:

SQL Injection: Attack that inserts malicious SQL code into web application input fields to access and illegally manipulate the database.
Cross-Site Scripting (XSS): Attack that inserts malicious JavaScript code into a website to execute this code on the user’s browser, steal information or hijack the session.
Cross-Site Request Forgery (CSRF): An attack that forces users to perform unwanted actions on a website they have authenticated, using HTTP requests sent from a malicious website.
Remote File Inclusion (RFI): An attacker inserts and executes remote files on the server, often leading to server takeover or malicious code execution.
Local File Inclusion (LFI): An attacker inserts and executes files locally on the server, exploiting sensitive files and executing malicious code.
Command Injection: An attacker executes system commands on the server through vulnerabilities in the web application source code.
HTTP Flooding: A form of DDoS attack in which an attacker sends a large number of HTTP requests to exhaust server resources and cause service disruption.
Brute Force Attacks: Attacks testing multiple passwords to correctly guess the user’s authentication information.
Session Hijacking: Attack to hijack a user’s session by stealing or predicting the session identifier (session ID).
Directory Traversal: An attacker accesses files and directories outside the web application’s root directory using navigation strings such as ../.
XML External Entity (XXE): Attack that exploits XML parsers to make malicious requests, access local resources, or steal sensitive data.
Zero-Day Exploits: Undetected or unpatched attacks (zero-day exploits).

WAF helps protect web applications by detecting and preventing these types of attacks, ensuring the safety and security of data and enterprise systems.

Who is WAF suitable for?

WAF (Web Application Firewall) can immediately detect and prevent the most dangerous security errors that traditional Firewalls, intrusion detection systems (IDS) or intrusion prevention systems (IPS) cannot. can do. Therefore, WAF is very useful for companies that offer products or services over the internet such as online shopping or those businesses that frequently conduct online transactions.

Advantages of using WAF service at VinaHost

dich vu waf

Using the Web Application Firewall (WAF) service at VinaHost brings many outstanding advantages, including:

Quick deployment: WAF service at VinaHost can be deployed quickly, without disrupting website operations, helping you save time and costs.
Flexible scalability: VinaHost provides WAF solutions with flexible scalability, suitable for the security needs of businesses of all sizes.
Professional technical support: We have a team of professional, experienced technicians, always ready to support customers in deploying, configuring and managing WAF services.
Continuous security updates: VinaHost regularly updates security rules and improves WAF services to cope with new threats, ensuring the highest level of protection for web applications.
Easy integration: VinaHost’s WAF service easily integrates with existing security systems and tools, helping to enhance the overall protection of your system.
Reasonable price: We provide WAF services at competitive prices, suitable for the budget of many businesses.
Highly customizable: WAF services at VinaHost can be customized to meet each customer’s specific security requirements, ensuring that protection measures are appropriate for each web application.

Using WAF service at VinaHost helps businesses protect web applications comprehensively, ensures data and information security, and brings many management and cost benefits. Customers can experience the WAF service completely free of charge with the WAF-Free package, for 1 Website with 10,000 requests/day.

For support, please feel free to contact us:

Phone: 1900 6046 ext. 1
Email: support@vinahost.vn
Livechat: https://livechat.vinahost.vn/chat.php

Total visit: views

Updated at: 20/08/2024

Partner

08:00 AM - 05:00 PM