Documentation

Getting Started with Visibilitiez

Complete guide to protecting your domain with our AI-powered WAF. From account creation to active protection in under 10 minutes.

Getting Started

Create Account

Register with email and password

Verify Email

Click the verification link

Login

Sign in to your dashboard

Add Domain

Connect your website

1

Create Your Account

Visit visibilitiez.com/register and fill in:

Full NameYour display name for the dashboard
Email AddressUsed for login and notifications
PasswordMinimum 12 characters, must include uppercase, number, and special character
Password example: MySecure!Pass123 — at least 12 chars, 1 uppercase, 1 number, 1 special character.
2

Verify Your Email

After registration, we send a verification link to your email. Click the link to activate your account.

  1. 1Check your inbox for an email from Visibilitiez
  2. 2Click the Verify Email button
  3. 3You will be redirected to the login page with a success message
Did not receive the email? Check your spam folder. You can also click Resend verification email on the verify page.
3

Login to Dashboard

Go to dashboard.visibilitiez.com/login and sign in.

Email + Passwordstandard login
2FA (optional)if enabled, enter your TOTP code
Remember Mekeeps you logged in for 7 days
First-time users are redirected to the Onboarding Wizard — a 5-step guided setup to connect your first domain.
4

Onboarding Wizard

After your first login, the onboarding wizard walks you through connecting your domain.

1

Welcome

Introduction to Visibilitiez and what you get with your plan.

2

Add Domain

Enter your domain name, choose hosting type (VPS or Shared Hosting), and provide your origin server address.

3

Configure DNS

Add a CNAME record pointing your domain to our edge. We provide the exact record to add.

4

First Scan

We run an Attack Surface Management (ASM) scan to discover your exposed assets.

5

Review

Review your setup and activate protection. Your WAF is now live!

You can skip the onboarding and set up domains later from Dashboard - Domains - Add Domain.

DNS Configuration

This is the one step that actually routes your visitors through our protection. You add a single CNAME record at your DNS provider that points your domain to your private shield hostname. That's it — no IP addresses, no nameserver changes, no server install.

Important — we only support CNAME. Visibilitiez routes traffic exclusively through a CNAME to your shield hostname. We do not hand out an A record / CDN IP address to point at. (IP addresses behind our edge rotate and are never exposed — pointing an A record at one would break.) If your DNS provider can't create the CNAME we show you, you'll need to move DNS to one that can.

What is a "shield hostname"?

When you add a domain, we generate a unique target hostname just for you — it looks like s-3k7m9pqxz4.ward.bbyg.net. Your visitors never see it; it's only the destination your CNAME points to. The random tail keeps your setup private (nobody can guess it from your domain name).

Step 1 — Copy your CNAME target

After you add a domain in the dashboard, your exact shield hostname is shown on the domain page. Copy it.

Step 2 — Add the CNAME record

Go to your DNS provider and create one record:

Subdomain — e.g. www.example.com or app.example.com

Type:   CNAME
Name:   www                          (just the subdomain part)
Value:  s-xxxxx.ward.bbyg.net  (your shield hostname)
TTL:    300  (or Auto)

Replace s-xxxxx.ward.bbyg.net with the exact value from your dashboard.

Root / "bare" domain (example.com without www)

Classic DNS doesn't allow a CNAME on the bare root domain. To protect a root domain you need a provider that supports CNAME flattening (also called ALIAS or ANAME). These providers let you put a CNAME-style record on the root:

Root domain — needs CNAME flattening / ALIAS / ANAME

Type:   CNAME (flattened)  /  ALIAS  /  ANAME
Name:   @                          (the root domain)
Value:  s-xxxxx.ward.bbyg.net  (your shield hostname)
TTL:    300  (or Auto)

Cloudflare, Amazon Route 53, and Google Cloud DNS all support this. Cloudflare does it automatically — just add a normal CNAME on the root and it flattens it for you.

cPanel / Plesk users: the built-in DNS editor cannot create a CNAME on the bare root domain, and we don't support A records. Move your DNS to Cloudflare (free) or another provider that supports CNAME flattening before adding the domain. A subdomain like www works anywhere.

Step 3 — Verify

Back in the dashboard, click Verify DNS. Once we detect the CNAME pointing to your shield hostname, we move on to issuing your SSL certificate automatically.

DNS propagation: usually live in 5–15 minutes, but can take up to 48 hours depending on your provider and TTL. Your existing site keeps working the whole time — the switch only takes effect once the CNAME resolves.

SSL Certificates

We issue a free Let's Encrypt (ACME) certificate for your domain and serve it at our edge — you never install anything on your server.

Zero-downtime setup + automatic renewals. When you add a domain we show you a one-time delegation record (a CNAME on _acme-challenge.yourdomain). With that in place we issue your SSL before you switch traffic — so there is no window where visitors see a certificate error — and every renewal happens automatically afterwards without you touching DNS again. Add the delegation record, click Check & issue SSL, then point your traffic once the certificate is ready.

SSL Lifecycle

DNS VerifiedCNAME to shield hostname detected
ProvisioningACME challenge in progress
ActiveCertificate issued, HTTPS live
RenewingAuto-renewed before expiry (60-90 days)

Behind the scenes:

  1. 1. DNS verification triggers ACME challenge
  2. 2. We create a TXT record in your DNS zone
  3. 3. Let's Encrypt validates domain ownership
  4. 4. Certificate is issued and deployed to our edge
  5. 5. HTTPS active - HTTP auto-redirects to HTTPS
Custom SSL: Upload your own certificate from Dashboard - Domain - SSL - Upload Custom Certificate.

WAF Protection

Once your domain is active, our AI-powered WAF automatically protects against SQL injection, XSS, RCE, DDoS, bot abuse, and more.

Protection Levels

Low

Minimal filtering. Blocks only known malicious patterns.

Medium

Balanced protection. Recommended for most websites.

High

Aggressive filtering. Maximum protection.

Custom WAF Rules

Create custom rules from Dashboard - Security - WAF:

Block by IPManually block specific IP addresses
Allowlist IPsWhitelist trusted IPs (office, CI/CD, monitoring)
Geo-blockingBlock or allow traffic from specific countries
Rate LimitingLimit requests per IP to prevent brute force
Bot DetectionChallenge or block automated traffic
Path BlockingBlock access to specific URL paths (e.g. /admin, /.env)
Shadow Mode: New rules run in shadow mode first — they log detections without blocking. After confidence is established, they auto-promote to enforcement mode.

Frequently Asked Questions

How long does DNS propagation take?+
Usually 5-15 minutes, but can take up to 48 hours depending on your DNS provider and TTL settings.
Do I need to change my nameservers?+
No. You only add a single CNAME record at your current DNS provider, pointing to your shield hostname. We do not use A records or CDN IPs. For a bare root domain you need a provider that supports CNAME flattening (ALIAS/ANAME) such as Cloudflare or Route 53.
Why only CNAME — can I use an A record / IP?+
No. We route exclusively via CNAME to your private shield hostname. The IP addresses behind our edge rotate and are never exposed, so there is no fixed A record to point at. CNAME also lets us fail over and scale without you ever changing DNS again.
Will my site go down during setup?+
No. The DNS change is non-destructive. Your origin server continues to work while we verify DNS, and the switch only takes effect once the CNAME resolves.
Can I use this with Cloudflare?+
Yes — Cloudflare is the easiest option. Add a CNAME to your shield hostname (Cloudflare auto-flattens it on the root domain). Set it to DNS only (grey cloud) so traffic reaches our edge directly.
What if I have an existing SSL certificate?+
You can upload your custom certificate from Dashboard - Domain - SSL. Our managed SSL is free and auto-renews.
How does the AI WAF work?+
Our edge scores every request in real time using layered AI analysis — combining behavioral signals, anomaly detection, and contextual review for borderline cases — then applies your configured action: block, challenge, or log.
What happens when my trial expires?+
You get a 7-day grace period to subscribe. After grace, WAF is disabled but DNS remains.
Can I add multiple domains?+
Yes! Each plan has a domain limit. Add domains from Dashboard - Domains - Add Domain.

Need help?

Open a support ticket from your dashboard or contact us directly.