We changed our name from IT Central Station: Here's why

AWS WAF vs Cloudflare Web Application Firewall comparison

You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about AWS WAF vs. Cloudflare Web Application Firewall and other solutions. Updated: January 2022.
565,689 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats.""As a basic WAF, it's better than nothing. So if you need something simple out of the box with default features, AWS WAF is good.""Their technical support has been quite good.""The most valuable features are the geo-restriction denials and the web ACL.""The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements.""The most valuable features of AWS WAF are its cloud-native and on-demand.""The solution is stable.""This is not a product that you need to install. You just use it."

More AWS WAF Pros →

"Technical support has a very fast response time and they are helpful.""It is a SaaS solution unlike much of the competition.""It is configurable via API.""The security features are valuable. The particular feature we use is called OWASP."

More Cloudflare Web Application Firewall Pros →

"On the UI side, I would like it if they could bring back the geolocation view on the corner.""The technical support does not respond to bugs in the coding of the product.""We don't have much control over blocking, because the WAF is managed by AWS.""I would like to see it more tightly integrated with other AWS services.""When users choose the free service, there isn't great support available to them.""We haven't faced any problems with the solution.""The setup is complicated.""It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."

More AWS WAF Cons →

"It would be ideal if the solution offered better log integration and more integration with different platforms.""Their documentation could be better. They don't have documentation that explains everything well. They have documentation for everything you're looking for, but they lack a single piece of documentation to tie everything together. As a new user or beginner, it took us a little bit of time to figure out how to put all these things in place.""The ModSecurity core rules need to be updated."

More Cloudflare Web Application Firewall Cons →

Pricing and Cost Advice
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."
  • "It's cheap."
  • "AWS WAF is pay-as-you-go, I only pay for what I'm using. There is no subscription or any payment upfront, I can terminate use at any time. Which is an advantage."
  • "You need an additional AWS subscription for this product if you are buying a managed tool."
  • More AWS WAF Pricing and Cost Advice →

  • "The pricing model is very straightforward compared to the competition. You just pay per month for the product and usage."
  • "We pay $210 per month for CloudFlare WAF."
  • More Cloudflare Web Application Firewall Pricing and Cost Advice →

    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    565,689 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    Hi Varun, I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud… more »
    Top Answer: 
    Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    Top Answer: 
    Their technical support has been quite good.
    Top Answer: 
    The security features are valuable. The particular feature we use is called OWASP.
    Top Answer: 
    Their documentation could be better. They don't have documentation that explains everything well. They have documentation for everything you're looking for, but they lack a single piece of… more »
    Average Words per Review
    Average Words per Review
    Also Known As
    AWS Web Application Firewall
    Cloudflare WAF
    Learn More

    AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.

    Cloudflare Web Application Firewall's intuitive dashboard enables users to build powerful rules through easy clicks and also provides Terraform integration. Every request to the WAF is inspected against the rule engine and the threat intelligence curated from protecting over 27 Million websites. Suspicious requests can be blocked, challenged or logged as per the needs of the user while legitimate requests are routed to the destination, agnostic of whether it lives on-premise or in the cloud. Analytics and Cloudflare Logs enable visibility into actionable metrics for the user.

    Learn more about AWS WAF
    Learn more about Cloudflare Web Application Firewall
    Sample Customers
    eVitamins, 9Splay, Senao International
    crunchbase, udacity, marketo, okcupid, zendesk
    Top Industries
    Energy/Utilities Company22%
    Media Company22%
    Transportation Company11%
    Manufacturing Company11%
    Computer Software Company26%
    Comms Service Provider21%
    Media Company12%
    Financial Services Firm8%
    Comms Service Provider28%
    Computer Software Company25%
    Energy/Utilities Company5%
    Company Size
    Small Business24%
    Midsize Enterprise29%
    Large Enterprise48%
    No Data Available
    Find out what your peers are saying about AWS WAF vs. Cloudflare Web Application Firewall and other solutions. Updated: January 2022.
    565,689 professionals have used our research since 2012.

    AWS WAF is ranked 5th in Web Application Firewall (WAF) with 12 reviews while Cloudflare Web Application Firewall is ranked 15th in Web Application Firewall (WAF) with 3 reviews. AWS WAF is rated 7.6, while Cloudflare Web Application Firewall is rated 8.0. The top reviewer of AWS WAF writes "Use this product to make it possible to deploy web applications securely". On the other hand, the top reviewer of Cloudflare Web Application Firewall writes "A SaaS solution that is API configurable and a convenient part of a suite but needs updating of core rules". AWS WAF is most compared with Microsoft Azure Application Gateway, Imperva Web Application Firewall, Azure Front Door, Akamai Kona Site Defender and F5 Silverline Managed Services, whereas Cloudflare Web Application Firewall is most compared with Azure Front Door, Microsoft Azure Application Gateway, Fastly, Signal Sciences and Indusface AppTrana. See our AWS WAF vs. Cloudflare Web Application Firewall report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.