Frequently Asked Questions

Getting Started:

While onboarding, you will be asked to choose whether the scan needs to be done behind the authentication page. if you select this option, then our technical support team will be notified and they will reach out to you to get the required credentials.

Yes. AppTrana provides 3 level of controls to turn off the solution.

  • Log Mode– To turn off blocking. All rules will be put in block mode in such a scenario.
  • Disable Mode – The entire WAF will be disabled.
  • Bypass Mode – The entire AppTrana Infrastructure will be bypassed and the traffic will be sent directly to your server.

All of this is done without any downtime.

Yes, AppTrana supports both custom SSL and free SSL certificate as part of the Advance and Premium offering. This thereby means:
  • All sites will be on boarded to listen on SSL traffic.
  • If you have a SSL certificate, you can provide relevant details at the time of onboarding
  • If you do not have SSL, you have 2 choices
    • Get EV certificate from Indusface
    • Use Let’s encrypt certificate which AppTrana automatically issues while on-boarding a new customer
Please note that entire process happens with zero-downtime

The AppTrana Premium plan is an extension of the Advance plan with experts monitoring your traffic, creating custom rules and ensuring zero false positives . Since this is an intensive process and would take more than 14 days, it is not included as part of the 14 day free trial. All the other features of the Premium plan is similar to the Advance plan and we encourage you to try out our Advance free trial before choosing your plan.

Built native on AWS, Indusface AppTrana Infrastructure has been designed keeping security and performance in mind. As AppTrana is hosted in multiple regions and the website will be on-boarded in the region closest to the user, there will be minimal latency. The highly scalable AppTrana Infrastructure ensures that there is no degradation of performance even on high traffic and guarantees 99.999 uptime SLA.

Billing :

Absolutely. We ask for no credit card while you sign-up. You can enjoy all the services of an AppTrana Advance plan for 14 days absolutely free. After 14 days, you will be automatically moved to the Basic plan which is free for life until you do not request for a plan upgrade.

When you start a paid plan, you would be asked to provide your valid credit card credentials to process payments. The credit card will be charged based on your subscription.

AppTrana’s pricing is transparent and pro-rata pricing will be applied. Billing cycle will not change and your credit card will be charged when the next payment is due.

In case of downgrade, AppTrana will provide you credit which can be used for subsequent payment.

You can change the credit card details any time you want from the AppTrana portal – Accounts page.

As long as you have subscribed for a paid plan, AppTrana will require a valid credit card and its credentials to charge for your usage. You can edit or remove your credit card details only if there is no paid plan as part of your subscription.

You will be charged on a prorata basis for the remaining period.


You will be able to do it from the AppTrana portal: Detect page.

Custom rules are created by the Indusface security experts based on application specific need to address vulnerabilities which are not readily fixed by the core rules set.

No issues. AppTrana works seamlessly with third-party CDNs. While on-boarding, you will be asked to select if you are using any third party CDN. If a third-party CDN is used, you will be on-boarded with CDN configuration and the AppTrana technical support team will contact you if any additional information is required.

Yes, we are a 100% PCI Compliant solution. The entire operations of Indusface is built bottom-up on AWS and AWS cloud infrastructure used by TAS has multiple certifications including SOC 1/SSAE 16/ISAE 3402, SOC 2, SOC 3, PCI, ISO, and FedRAMP. Our operations adhere to strict PCI standards and are PCI certificed. Indusface is also Cert-in certified security auditor. As an empaneled auditor, Indusface is qualified to conduct vulnerability assessment and penetration testing audits of websites while issuing website security certificates to corporate and government organizations that pass the audit.

Still Have Questions?

Send us an email or call us +1 866 537 8234