Quick start with Wallarm platform¶
The Wallarm platform protects web applications, APIs, and microservices from OWASP and OWASP Top 10 attacks, bots, and application abuse with ultra‑low false positives. You can start using the platform in full for free with a limitation of 500K API monthly requests by following this guide.
Under a quick start, you will register your Wallarm account and run the first Wallarm filtering node in a few minutes. Having a free quota, you will be able to try on the product power on real traffic.
Learn Wallarm in Playground¶
To explore Wallarm even before signing up and deploying any components to your environment, use Wallarm Playground.
In Playground, you can access the Wallarm Console view like it is filled with real data. Wallarm Console is the major Wallarm platform component that displays data on processed traffic and allows the platform fine-tuning. So, with Playground you can learn and try out how the product works, and get some useful examples of its usage in the read-only mode.
To try the Wallarm solution capabilities on your traffic, create a Free tier account.
Create Wallarm account and get Free tier¶
To create a Wallarm account:
-
Follow the registration link either in the US or EU Wallarm Cloud and input your personal data.
-
Confirm your account by following the link from the confirmation message sent to your email.
Once an account is registered and confirmed, it is automatically assigned with Free tier or Free trial depending on the Wallarm Cloud being used:
-
In the US Cloud, Free tier allows you to explore the power of the Wallarm solution for free on 500 thousand monthly requests.
-
In the EU Cloud, there is a trial period allowing you to explore the Wallarm solution for free for 14 days.
Continue by deploying the first Wallarm filtering node.
Deploy the Wallarm filtering node¶
Wallarm supports many options for the filtering node deployment. You can either learn them and choose the most appropriate one or follow the quickest way to start with Wallarm as described below.
To quickly deploy the node as a component of your infrastructure, first make sure you have:
-
The Administrator role in the Wallarm account
Deploy the Wallarm filtering node from the Docker image:
-
Open Wallarm Console → Nodes in the US Cloud or EU Cloud and create the node of the Wallarm node type.
As for the Multi-tenant node checkbox, leave it unticked. This checkbox is related to the corresponding feature setup that is not a part of a quick start.
-
Copy the generated token.
-
Run the container with the node:
docker run -d -e WALLARM_API_TOKEN='XXXXXXX' -e NGINX_BACKEND='example.com' -e WALLARM_API_HOST='us1.api.wallarm.com' -p 80:80 wallarm/node:4.6.1-1
docker run -d -e WALLARM_API_TOKEN='XXXXXXX' -e NGINX_BACKEND='example.com' -p 80:80 wallarm/node:4.6.1-1
| Environment variable | Description | Required |
|---|---|---|
WALLARM_API_TOKEN | Wallarm node token copied from the Wallarm Console UI. | Yes |
NGINX_BACKEND | Domain or IP address of the resource to protect with the Wallarm solution. | Yes |
WALLARM_API_HOST | Wallarm API server:
api.wallarm.com. | No |
WALLARM_MODE | Node mode:
monitoring.Detailed description of filtration modes → | No |
To test the deployment, run the first attack with the Path Traversal malicious payload:
curl http://localhost/etc/passwd
If NGINX_BACKEND is example.com, additionally pass the -H 'Host: example.com' option in the curl command.
Since the node operates in the monitoring filtration mode by default, the Wallarm node will not block the attack but will register it. To check that the attack has been registered, proceed to Wallarm Console → Events:
Next steps¶
Wallarm node quick deployment has been successfully completed!
To get more from the deployment stage:
To further fine-tune the deployed node, learn the features:
-
System event notifications configured via native integrations with DevOps tools and triggers