Working with custom signals
Custom signals are labels that describe request properties that you find important to track. The conditions for attaching a custom signal to a request are defined by request rules that use the Add signal action. When paired with a request rule, custom signals can help increase visibility into:
- what is being attacked. Tag requests with specific paths (e.g., /admin or /api) to understand where bad actors are attempting to exploit your application.
- where attacks originated. Tag requests based on their source, such as specific regions, countries, or Autonomous System Numbers (ASNs). You can then create additional rules based on this information. For example, you could create a rule to block all requests from specific countries and Tor networks.
- known actors. Tag requests from known actors. You can then apply a positive security posture and allow traffic from the trusted sources (e.g., known vendors, Let's Encrypt, mobile data site verification, and penetration testers on internal security teams).
- what happens after requests are allowed. Tag allowed requests that exhibit notable response behaviors (e.g., a 404 HTTP response code or a no JSON results error). This additional information can better highlight attack patterns, especially when seen with or without attack signals.
The Requests page lists a representative sample of requests that have been tagged with custom signals.
Limitations and considerations
When working with signals, keep the following things in mind:
- The Essentials platform does not support custom signals.
- Corp (account) signals can only be created, edited, and deleted by owners (superusers).
- Signals are limited to 200 per corp (account) plus 200 per site (workspace).
Creating custom signals
Custom signals can be created at the corp (also known as account) or site (also known as workspace) level. Corp (account) signals can be used in rules on every site (workspace). Site (workspace) signals can only be used in rules for one site (workspace).
Creating signals used by all sites (workspaces)
Corp-level (account-level) signals can be used in rules on every site (workspace) in your account. To create a corp-level (account-level) signal, complete the following steps:
- Log in to the Next-Gen WAF control panel.
- From the Corp Rules menu, select Corp Signals.
- Click Add corp signal.
- In the Signal name field, enter the name of the custom signal.
- (Optional) In the Description (optional) field, enter a description for the custom signal.
- Click Create corp signal.
- (Optional) Create a request rule that uses the Add signal action to define when the WAF should tag requests with the new signal. If you do not create a rule, the signal will never be used.
Creating signals used by one site (workspace)
Site-level (workspace-level) signals can only be used in rules for one site (workspace). To create a site-level (workspace-level) signal, complete the following steps:
- Log in to the Next-Gen WAF control panel.
- From the Sites menu, select a site if you have more than one site.
- From the Site Rules menu, select Site Signals.
- Click Add site signal.
- In the Signal name field, enter the name of the custom signal.
- (Optional) In the Description (optional) field, enter a description for the custom signal.
- Click Create site signal.
- (Optional) Create a request rule that uses the Add signal action to define when the WAF should tag requests with the new signal. If you do not create a rule, the signal will never be used.
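The scoping rules and limits above can be checked offline before signals pile up. The following is an added example, not Fastly code: it audits a constructed inventory for signals that no rule attaches (and so are never used), rules that reference a site signal from a different site, and counts above the 200-per-scope limit. The inventory layout, the signal names, and the add_signal key are hypothetical and do not correspond to any product export format.

```python
CORP_LIMIT = 200  # signals per corp (account), as stated on this page
SITE_LIMIT = 200  # signals per site (workspace), as stated on this page

def audit(inventory):
    """Return sorted (problem, scope, detail) findings for a signal inventory."""
    findings = []
    corp_signals = set(inventory["corp_signals"])
    if len(corp_signals) > CORP_LIMIT:
        findings.append(("over-limit", "corp", str(len(corp_signals))))
    used = set()  # (scope, signal) pairs referenced by at least one rule
    for site, cfg in inventory["sites"].items():
        site_signals = set(cfg["signals"])
        if len(site_signals) > SITE_LIMIT:
            findings.append(("over-limit", site, str(len(site_signals))))
        for rule in cfg["rules"]:
            sig = rule["add_signal"]
            if sig in site_signals:
                used.add((site, sig))
            elif sig in corp_signals:
                # Corp signals can be used in rules on every site.
                used.add(("corp", sig))
            else:
                # Site signals belong to one site; other sites cannot use them.
                findings.append(("out-of-scope", site, sig))
        findings += [("never-used", site, s)
                     for s in site_signals if (site, s) not in used]
    findings += [("never-used", "corp", s)
                 for s in corp_signals if ("corp", s) not in used]
    return sorted(findings)

# Constructed sample inventory (hypothetical names, assumed layout).
SAMPLE = {
    "corp_signals": ["known-vendor", "blocked-country"],
    "sites": {
        "shop": {
            "signals": ["admin-path", "not-found"],
            "rules": [{"add_signal": "admin-path"},
                      {"add_signal": "known-vendor"}],
        },
        "blog": {
            "signals": ["api-path"],
            "rules": [{"add_signal": "admin-path"}],  # defined on "shop" only
        },
    },
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```
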
Updating signals
You can update a custom signal to revise the description of the signal.
Updating signals used by all sites (workspaces)
To update the description of a signal that applies to all sites (workspaces), complete the following steps:
- Log in to the Next-Gen WAF control panel.
- From the Corp Rules menu, select Corp Signals.
- Click View to the right of the custom signal you want to edit.
- Click Edit corp signal.
- In the Description (optional) field, enter a description for the custom signal.
- Click Update corp signal.
Updating signals used by one site (workspace)
To update the description of a signal that applies to a specific site (workspace), complete the following steps:
- Log in to the Next-Gen WAF control panel.
- From the Sites menu, select a site if you have more than one site.
- From the Site Rules menu, select Site Signals.
- Click View to the right of the custom signal you want to edit.
- Click Edit site signal.
- In the Description (optional) field, enter a description for the custom signal.
- Click Update site signal.
Deleting custom signals
To delete a signal, follow the steps described below.
Deleting signals used by all sites (workspaces)
- Log in to the Next-Gen WAF control panel.
- From the Corp Rules menu, select Corp Signals.
- Click View to the right of the custom signal you want to delete.
- Click Remove corp signal and then Delete corp signal.
Deleting signals used by one site (workspace)
- Log in to the Next-Gen WAF control panel.
- From the Sites menu, select a site if you have more than one site.
- From the Site Rules menu, select Site Signals.
- Click View to the right of the custom signal you want to delete.
- Click Remove site signal and then Delete site signal.