Plans & settings
The Settings page holds the WAAP service configuration across tabs: Subscription · Web Access Control · Verified Bot · Response Filtering · HTTP Settings · Monthly Security Report · Danger zone.
Subscription plan
Your plan gates which features are available and your domain / bandwidth / QPS limits.

| Plan | Limits | Notable |
|---|---|---|
| Free | 1 domain · 2 TB/mo · 100 QPS | AI-WAF, DDoS & Emergency Mitigation, Content Acceleration, Global Load Balancing. No Bot Management, API Protection or Programmable Mitigation. |
| Standard — $20/mo | up to 3 domains · 15 TB · 300 QPS | Adds Bot Management + Ticketing Support. |
| Pro — $200/mo | up to 12 domains · 100 TB · 1,200 QPS | Adds API Protection + Programmable Mitigation. |
| Custom | tailored | Everything in Pro + custom domains/volume/RPS, custom limits & SLA, dedicated support — Talk to an expert. |
Pick a tier and Update plan. That's why some console areas (API Protection, Bot Management, Programmable Mitigation) show an upgrade prompt on the Free plan.
Danger zone
Cancel subscription removes the plan from the WAAP service. Plan-tied protection features stop working until a plan is selected again.
Other settings tabs
- Web Access Control — service-wide allow/block controls.
- Verified Bot — manage which known-good bots (search engines, monitors) are allowed through.
- Response Filtering — rules applied to responses leaving the origin.
- HTTP Settings — edge HTTP behaviour for your sites.
- Monthly Security Report — configure the recurring security summary report.
- Danger zone — destructive actions (cancel subscription, remove the service).