Does Heroku offer a Web Application Firewall (WAF)?

Issue

Can I use Heroku to block/manage certain kinds of traffic in my app?

Resolution

Whilst Heroku protects against certain kinds of attacks at the platform level, it doesn't offer any user configurable firewall for individual apps. We recommend configuring this protection on your application server if needed. There are several solutions available for the various languages we support e.g. the rack-attack gem for Ruby

For more sustained, high-volume or sophisticated attacks we recommend using a dedicated service such as Fastly or CloudFlare. These have more sophisticated features for controlling traffic to your app.

Related issues

Does Heroku offer DDoS (Denial of Service) mitigation?
Does Heroku support client side SSL connections? (a.k.a two-way authentication)
How to rollback my Heroku PostgreSQL database that Heroku Connect synchronizes to?

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support
heroku.com Blogs Careers Documentation
Terms of Service Privacy Cookies © 2019 Salesforce.com