Does Heroku offer a Web Application Firewall (WAF)?


Can I use Heroku to block/manage certain kinds of traffic in my app?


Whilst Heroku protects against certain kinds of attacks at the platform level, it doesn't offer any user configurable firewall for individual apps. We recommend configuring this protection on your application server if needed. There are several solutions available for the various languages we support e.g. the rack-attack gem for Ruby

For more sustained, high-volume or sophisticated attacks we recommend using a dedicated DDoS mitigation service.

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support