Quick start with Wallarm platform¶
The Wallarm platform protects web applications, APIs, and microservices from OWASP and OWASP Top 10 attacks, bots, and application abuse with ultra‑low false positives. You can start using the platform in full for free with a limitation of 500K API monthly requests by following this guide.
Under a quick start, you will register your Wallarm account and run the first Wallarm filtering node in a few minutes. Having a free quota, you will be able to try on the product power on real traffic.
Create Wallarm account and get Free tier¶
To create a Wallarm account:
Confirm your account by following the link from the confirmation message sent to your email.
Once an account is registered and confirmed, it is automatically assigned with Free tier or Free trial depending on the Wallarm Cloud being used:
In the US Cloud, Free tier allows you to explore the power of the Wallarm solution for free on 500 thousand monthly requests.
In the EU Cloud, there is a trial period allowing you to explore the Wallarm solution for free for 14 days.
As for the US cloud, there is the option to explore Wallarm even before deploying any components to your environment - Playground.
Learn Wallarm in Playground¶
Accounts in the US Wallarm Cloud are featured with Playground which enables the Wallarm platform exploration without having to deploy any platform components. In Playground, you can access the Wallarm Console view like it is filled with real data.
Wallarm Console is the major Wallarm platform component that displays data on processed traffic and allows the platform fine-tuning. So, with Playground you can learn and try out how the product works, and get some useful examples of its usage in the read-only mode.
To try the Wallarm solution capabilities on your traffic, exit Playground and deploy the first Wallarm filtering node following the instructions for the quickest start.
Deploy the Wallarm filtering node¶
Wallarm supports many options for the filtering node deployment. You can either learn them and choose the most appropriate one or follow the quickest way to start with Wallarm as described below.
To quickly deploy the node as a component of your infrastructure, first make sure you have:
Deploy the Wallarm filtering node from the Docker image:
As for the Multi-tenant node checkbox, leave it unticked. This checkbox is related to the corresponding feature setup that is not a part of a quick start.
Copy the generated token.
Run the container with the created node:
docker run -d -e WALLARM_API_TOKEN='XXXXXXX' -e NGINX_BACKEND='example.com' -e WALLARM_API_HOST='us1.api.wallarm.com' -p 80:80 wallarm/node:4.4.0-1
docker run -d -e WALLARM_API_TOKEN='XXXXXXX' -e NGINX_BACKEND='example.com' -p 80:80 wallarm/node:4.4.0-1
| ||Wallarm node token copied from the Wallarm Console UI.||Yes|
| ||Domain or IP address of the resource to protect with the Wallarm solution.||Yes|
| ||Wallarm API server: ||No|
| ||Node mode: |
Detailed description of filtration modes →
To test the deployment, run the first attack with the Path Traversal malicious payload:
example.com, additionally pass the
-H 'Host: example.com' option in the curl command.
Since the node operates in the monitoring filtration mode by default, the Wallarm node will not block the attack but will register it. To check that the attack has been registered, proceed to Wallarm Console → Events:
Wallarm node quick deployment has been successfully completed!
To get more from the deployment stage:
To further fine-tune the deployed node, learn the features: