Run Guestcheck Sign in Register

Welcome to the WAFDOG handbook

This documentation covers the public portal, the member portal, and API usage. Admin V2 is excluded.

Use the navigation on the left to jump into detailed chapters, or start with the quickstart for a guided path.

New here? Start with Quickstart and complete your first project in under 30 minutes.

Sign up now – EUR 100 bonus credit included.

Create a project, verify ownership, and start monitoring within minutes.

Sign up now Follow quickstart Run Guestcheck

Why WAFDOG

Vendor independent verification

Prove rules actually work before and after changes, regardless of WAF vendor.

Single source of truth

Projects, checks, and results live in one place for security and product teams.

Shareable status

Generate read-only links to keep stakeholders aligned without extra accounts.

WAF profiling

Test payload libraries against a baseline to spot regressions and blocks.

Credit based usage

Scale monitoring up or down with transparent spend tracking.

Public tools

Guestcheck lets anyone run a fast security scan without login.

Start here

  1. Create an account and sign in.
  2. Create your first project.
  3. Add an application hostname.
  4. Verify ownership of the hostname.
  5. Review default checks and results.
  6. Configure alerts and share status.

Follow the detailed instructions in Quickstart.

Documentation map

Quickstart

Step-by-step onboarding path for the first project and checks.

Account and access

Sign in, reset passwords, and manage profile settings.

Core concepts

Object model, glossary, verification, and results lifecycle.

Public tools

Guestcheck and public tools for non-members.

Tool comparison

Guestcheck vs Quickcheck vs Checks vs WAF profiling.

How-to Guides

Outcome-focused paths for onboarding, monitoring, alerts, WAF profiling, and automation.

Projects and team

Projects, invites, roles, and API tokens.

Applications and verification

Add hostnames, verify ownership, manage shares.

Checks and monitoring

Default checks, custom checks, history, and mute.

Alerts and notifications

Email alerts, mute behavior, and credit warnings.

WAF profiling

Baseline vs payload runs and interpreting results.

Billing and credits

Credit calculator, purchases, and spend log.

API v3

Authentication, scopes, and examples.

Troubleshooting

Known issues and fixes.

FAQ

Common questions and best practices.

Guestcheck vs Quickcheck vs Checks

These tools sound similar but serve different jobs. Use the quick matrix below, then dive deeper when needed.

Tool Access Stores results Best for
Guestcheck Public Yes, global scan list First-time evaluation without login
Quickcheck (public) Public No Single-request debugging and raw responses
Member Quickcheck Member No persistent check Ad-hoc validation inside a project
Checks Member Yes, project history Continuous monitoring and alerting
WAF profiling Member Yes, per run Payload-based proof of WAF behavior

Read the full tool comparison.

Public tools at a glance

Guestcheck provides a fast public scan without login. It is a great entry point to evaluate WAFDOG.

Public homepage
Public homepage with quick access to Guestcheck and documentation.

Member portal highlights

Member accounts unlock project scoped monitoring, historical tracking, alerts, and WAF profiling.

Dashboard overview
Dashboard overview with status and key metrics.