NGINX App Protect vs StackPath WAF comparison

F5 and StackPath are both solutions in the Web Application Firewall (WAF) category. F5 is ranked #16 with an average rating of 8.4, while StackPath is ranked #31 with an average rating of 9.0. F5 holds a 1.9% mindshare in WAF, compared to StackPath’s 0.2% mindshare. Additionally, 95% of F5 users are willing to recommend the solution, compared to 100% of StackPath users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between NGINX App Protect and StackPath WAF based on real PeerSpot user reviews.

Find out what your peers are saying about F5, Amazon Web Services (AWS), Microsoft and others in Web Application Firewall (WAF).

To learn more, read our detailed Web Application Firewall (WAF) Report (Updated: July 2025).

Buyer's Guide

Web Application Firewall (WAF)

July 2025

Download the complete report

Helped 864,574 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cloudflare Web Application ...

Mindshare comparison

As of August 2025, in the Web Application Firewall (WAF) category, the mindshare of Cloudflare Web Application Firewall is 7.3%, up from 6.5% compared to the previous year. The mindshare of NGINX App Protect is 1.9%, down from 2.3% compared to the previous year. The mindshare of StackPath WAF is 0.2%, down from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Web Application Firewall (WAF)

Featured Reviews

SachidDoshi

Senior Enterprise Security Architect at HGS - Hinduja Global Solutions

Offers a huge signature repository and is superiorly effective in mitigating DDoS attacks

The solution's learning curve can still be further reduced, which presently stands at two or three months. The product has a custom rule set that users can modify and manifest as needed. The vendor can probably shorten the learning curve using cutting-edge technologies like AI. The solution provider can also work around the web applications and identify the toolset that needs to be implemented to deploy the solution in less time. The vendor has launched a SASE product that can function with Cloudflare Web Application Firewall, but many improvements are needed in terms of features, such as the web filtering feature, and CASB has not yet been added.

Read full review

Saurav Kumar

Senior security architecture at National Payment Corporation Of India

Offers protection to users from external threats

NGINX App Protect secures our company's application, and it has helped me a lot, considering that we have critical infrastructure in India where we see how lots of attacks come onto our organization's servers. The tool offers protection against multiple threats present in India's IT ecosystem. The tool helps our company to make our payments secure, meaning it has the ability to provide a secure payment environment in India. Speaking about the improvements in our company's application performance since implementing NGINX App Protect, the gRPC support for the solution is very low. My company is not getting any proper documentation on how to deploy gRPC over NGINX App Protect. I recommend the product to those who plan to use it. People can use the product as their company's base server, WAF, or for its proxy manager, depending on the business requirements. My company follows PCI DSS compliance because we operate in a payment-related industry. Right now, my company follows all the standards, so we comply with all the requirements and policies. I rate the tool an eight out of ten.

Read full review

Francesco MariaCompagnucci

RTD at Fidoka srl

Stable product with an easy setup process

We use StackPath WAF to protect small websites for our customers The product’s most valuable is WAF. The authentication feature helps us protect WordPress sites. The product’s performance for caching feature needs improvement. It could provide high security to handle large traffic volumes for…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product has a valuable security control functionality."

"Does a good job preventing web application attacks."

"The security features are valuable. The particular feature we use is called OWASP."

"There is a huge signature repository"

"It protects web applications efficiently."

"Cloudflare is cheaper compared to Azure WAF, which I have considered before."

"It is a SaaS solution unlike much of the competition."

"The product has improved our security posture by blocking bad actors."

More Cloudflare Web Application Firewall pros

"The initial setup was simple and took three to four days."

"It is a very good tool for load balancing."

"The policies are flexible based on the technologies you use."

"The tool's most valuable feature is the OWASP certification. Additionally, the tool's ability to enforce strong passwords and OTP within minutes is impressive. With its analytics and recommendations, it is a very good solution."

"The most valuable feature of NGINX App Protect is the reverse proxy."

"NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks."

"NGINX App Protect is stable."

"The tool is not complex and is very user-friendly."

More NGINX App Protect pros

"The product’s most valuable is WAF. The authentication feature helps us protect WordPress sites."

Cons

"It would be ideal if the solution offered better log integration and more integration with different platforms."

"The dashboard could be more user-friendly."

"If they add logs history within the Cloudflare offering, that would be a great benefit."

"I have experienced some difficulties with Cloudflare's support as a customer based in India."

"Its stability could be better."

"The solution's learning curve can still be further reduced"

"There could be an option to duplicate the cluster to maintain the consistency of rules."

"Cloudflare Web Application Firewall should include port forwarding features."

More Cloudflare Web Application Firewall cons

"The dashboard could provide a more comprehensive view of the status of the connections."

"The integration of NGINX App Protect could improve."

"They could provide a better user interface."

"As far as scalability, it takes a long time for deployment."

"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."

"It doesn't have more advanced features like no false-positive security, which you can configure in Advanced WAF."

"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."

"Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI."

More NGINX App Protect cons

"The product’s performance for caching feature needs improvement."

Pricing and Cost Advice

"The solution is expensive."

"The annual licensing fee is $10,000 USD."

"The pricing model is very straightforward compared to the competition. You just pay per month for the product and usage."

"It starts at $20 and can easily go up to $200 monthly"

"The solution's pricing option needs to be more transparent for enterprise clients."

"What's my experience with pricing, setup cost, and licensing? I believe the pricing is not the best, but it's reasonable and acceptable. We also use the McAfee system in parallel. In terms of pricing, its okay - not great, but not bad either. It falls in the middle, which is acceptable. In terms of support licensing, last time, we were searching for a solution, and we considered products from resellers rather than directly from the cloud provider. However, the pricing we encountered was exceptionally high. As a result, we are inclined to select support from the reseller."

"We pay $210 per month for CloudFlare WAF."

"It is not too pricey."

More Cloudflare Web Application Firewall pricing and cost advice

"There is a license needed to use NGINX App Protect."

"Really understand the licensing model, because we underestimated that."

"The product's price is high."

"The price of NGINX App Protect is approximately $3,000 annually. All of our licenses are observed by a managed service partner."

"There are not any additional costs we had to pay to use NGINX App Protect."

"Our licensing costs are about $40,000 a year."

"The solution's price is reasonable."

"There are no additional fees."

More NGINX App Protect pricing and cost advice

"The product is affordable."

See which vendors are best for you

Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.

See recommendations

864,574 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

Comms Service Provider

Manufacturing Company

Computer Software Company

15%

Financial Services Firm

15%

Comms Service Provider

Manufacturing Company

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Cloudflare Web Application Firewall?

The product has a valuable security control functionality.

See all answers

What is your experience regarding pricing and costs for Cloudflare Web Application Firewall?

The price of Cloudflare Web Application Firewall is reasonable.

See all answers

What needs improvement with Cloudflare Web Application Firewall?

I cannot say much about areas of improvement for Cloudflare Web Application Firewall because I haven't gone through d...

See all answers

What do you like most about NGINX App Protect?

It's very easy to deploy.

See all answers

What is your experience regarding pricing and costs for NGINX App Protect?

I don't know the pricing yet because in my other project, I was not part of the buying side and I was just starting t...

See all answers

What needs improvement with NGINX App Protect?

It would be better if it were easier to implement and if there was more information from F5 regarding hardware requir...

See all answers

What do you like most about StackPath WAF?

The product’s most valuable is WAF. The authentication feature helps us protect WordPress sites.

See all answers

What is your experience regarding pricing and costs for StackPath WAF?

The product is affordable.

See all answers

What needs improvement with StackPath WAF?

The product’s performance for caching feature needs improvement. It could provide high security to handle large traff...

See all answers

Comparisons

Fortinet FortiWeb vs Cloudflare Web Application Firewall

Compared 15% of the time

Microsoft Azure Application Gateway vs Cloudflare Web Application Firewall

Compared 13% of the time

F5 Advanced WAF vs Cloudflare Web Application Firewall

Compared 6% of the time

AWS WAF vs Cloudflare Web Application Firewall

Compared 6% of the time

Barracuda WAF-as-a-Service vs Cloudflare Web Application Firewall

Compared 6% of the time

More Cloudflare Web Application Firewall Competitors

Azure Front Door vs NGINX App Protect

Compared 17% of the time

Microsoft Azure Application Gateway vs NGINX App Protect

Compared 15% of the time

Fortinet FortiWeb vs NGINX App Protect

Compared 9% of the time

AWS WAF vs NGINX App Protect

Compared 8% of the time

F5 Advanced WAF vs NGINX App Protect

Compared 4% of the time

More NGINX App Protect Competitors

open-appsec vs StackPath WAF

Compared 47% of the time

More StackPath WAF Competitors

Product Reports

Buyer's Guide

Cloudflare Web Application Firewall

August 2025

Cloudflare Web Application Firewall report

Download Cloudflare Web Application Firewall product report

Buyer's Guide

NGINX App Protect

July 2025

Download NGINX App Protect product report

Buyer's Guide

Web Application Firewall (WAF)

July 2025

Download StackPath WAF product report

Also Known As

Cloudflare WAF

NGINX WAF, NGINX Web Application Firewall

StackPath Web Application Firewall

Overview

Cloudflare Web Application Firewall's intuitive dashboard enables users to build powerful rules through easy clicks and also provides Terraform integration. Every request to the WAF is inspected against the rule engine and the threat intelligence curated from protecting over 27 Million websites. Suspicious requests can be blocked, challenged or logged as per the needs of the user while legitimate requests are routed to the destination, agnostic of whether it lives on-premise or in the cloud. Analytics and Cloudflare Logs enable visibility into actionable metrics for the user.

Cloudflare

NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

Integrating security controls directly into the development automation pipeline
Applying and managing security for modern and distributed application environments such as containers and microservices
Providing the right level of security controls without impacting release and go-to-market velocity
Complying with security and regulatory requirements

NGINX App Protect offers:

Expanded security beyond basic signatures to ensure adequate controls
F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
Confidently run in “blocking” mode in production with proven F5 expertise
High‑confidence signatures for extremely low false positives
Increases visibility, integrating with third‑party analytics solutions
Integrates security and WAF natively into the CI/CD pipeline
Deploys as a lightweight software package that is agnostic of underlying infrastructure
Facilitates declarative policies for “security as code” and integration with DevOps tools
Decreases developer burden and provides feedback loop for quick security remediation
Accelerates time to market and reduces costs with DevSecOps‑automated security

StackPath WAF integrates multiple technologies, including Advanced Browser Validation and IP Reputation and Custom Rules engines, into an intelligent firewall that can be customized to meet your specific protection profile.

StackPath

Sample Customers

crunchbase, udacity, marketo, okcupid, zendesk

Information Not Available

Robotics Cats, Jewlr

Buyer's Guide

Web Application Firewall (WAF)

July 2025

Download Free Report

Find out what your peers are saying about F5, Amazon Web Services (AWS), Microsoft and others in Web Application Firewall (WAF). Updated: July 2025.

DOWNLOAD NOW

864,574 professionals have used our research since 2012.

See our list of best Web Application Firewall (WAF) vendors.

We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.