In the era of information technology advancement, web applications have become a means of seeking information. However, with technological progress, they have become increasingly vulnerable to cyber attacks such as SQL Injection and Cross-Site Scripting (XSS). This research aims to implement the Teler-waf Web Application Firewall (WAF) to protect web applications from such attacks. The research methodology includes the implementation of the Teler-waf WAF, analysis of web application security, and testing the speed of attack detection. The results show that Teler-waf is effective in preventing attacks, and its integration with Telegram bots provides real-time notifications to system administrators, enhancing security responsiveness. This research contributes to strengthening web application security and understanding the role of the Teler-waf WAF in addressing cyber threats.