diff --git a/docs/data-sources/cdn.md b/docs/data-sources/cdn.md
index 236fb06..7fde59d 100644
--- a/docs/data-sources/cdn.md
+++ b/docs/data-sources/cdn.md
@@ -46,7 +46,6 @@ data "cdn77_cdn" "example" {
 - `ssl` (Attributes) (see [below for nested schema](#nestedatt--ssl))
 - `stream` (Attributes) Detail parameters of stream CDN (see [below for nested schema](#nestedatt--stream))
 - `url` (String) URL of the CDN. Automatically generated when the CDN is created. The number is the same as the CDN ID.
-- `waf_enabled` (Boolean) Protect your website against XSS, SQL injection and more with our SmartWAF. We're using OWASP Core Rule Set (CRS) to protect your data against the most exploited vulnerabilities.
 
 <a id="nestedatt--cache"></a>
 ### Nested Schema for `cache`
diff --git a/docs/data-sources/cdns.md b/docs/data-sources/cdns.md
index 840a7c4..46cddb8 100644
--- a/docs/data-sources/cdns.md
+++ b/docs/data-sources/cdns.md
@@ -49,7 +49,6 @@ Read-Only:
 - `ssl` (Attributes) (see [below for nested schema](#nestedatt--cdns--ssl))
 - `stream` (Attributes) Detail parameters of stream CDN (see [below for nested schema](#nestedatt--cdns--stream))
 - `url` (String) URL of the CDN. Automatically generated when the CDN is created. The number is the same as the CDN ID.
-- `waf_enabled` (Boolean) Protect your website against XSS, SQL injection and more with our SmartWAF. We're using OWASP Core Rule Set (CRS) to protect your data against the most exploited vulnerabilities.
 
 <a id="nestedatt--cdns--cache"></a>
 ### Nested Schema for `cdns.cache`
diff --git a/docs/resources/cdn.md b/docs/resources/cdn.md
index 0a4a9c8..a3b2fa6 100644
--- a/docs/resources/cdn.md
+++ b/docs/resources/cdn.md
@@ -45,7 +45,6 @@ resource "cdn77_cdn" "example" {
 - `secure_token` (Attributes) This feature allows you to serve your content using signed URLs. You can enable your users to download secured content from the CDN with a valid hash. Note: When you check this option, make sure to generate secured links to access your content. (see [below for nested schema](#nestedatt--secure_token))
 - `ssl` (Attributes) (see [below for nested schema](#nestedatt--ssl))
 - `stream` (Attributes) Detail parameters of stream CDN (see [below for nested schema](#nestedatt--stream))
-- `waf_enabled` (Boolean) Protect your website against XSS, SQL injection and more with our SmartWAF. We're using OWASP Core Rule Set (CRS) to protect your data against the most exploited vulnerabilities.
 
 ### Read-Only
 
diff --git a/internal/provider/cdn/all_test.go b/internal/provider/cdn/all_test.go
index 715e8f6..541d0e4 100644
--- a/internal/provider/cdn/all_test.go
+++ b/internal/provider/cdn/all_test.go
@@ -106,7 +106,6 @@ func TestAccCdnAllDataSource(t *testing.T) {
 				attrEq(i, "rate_limit_enabled", "false"),
 				attrEq(i, "secure_token.type", string(cdn77.SecureTokenTypeNone)),
 				attrEq(i, "ssl.type", string(cdn77.InstantSsl)),
-				attrEq(i, "waf_enabled", "false"),
 
 				resource.TestCheckNoResourceAttr(rsc, key(i, "stream")),
 				resource.TestCheckNoResourceAttr(rsc, key(i, "cache.max_age_404")),
@@ -145,7 +144,6 @@ func TestAccCdnAllDataSource(t *testing.T) {
 				attrEq(i, "rate_limit_enabled", "false"),
 				attrEq(i, "secure_token.type", string(cdn77.SecureTokenTypeNone)),
 				attrEq(i, "ssl.type", string(cdn77.InstantSsl)),
-				attrEq(i, "waf_enabled", "false"),
 
 				resource.TestCheckNoResourceAttr(rsc, key(i, "stream")),
 				resource.TestCheckNoResourceAttr(rsc, key(i, "cache.max_age_404")),
diff --git a/internal/provider/cdn/cdn.go b/internal/provider/cdn/cdn.go
index 29269a8..650fa9b 100644
--- a/internal/provider/cdn/cdn.go
+++ b/internal/provider/cdn/cdn.go
@@ -281,8 +281,6 @@ func (r *Resource) createEditRequest( //nolint:cyclop
 
 	request.Ssl.Type = cdn77.SslType(data.Ssl.Type.ValueString())
 
-	request.Waf.Enabled = data.WafEnabled.ValueBool()
-
 	return request, true
 }
 
@@ -307,7 +305,6 @@ func (*Resource) createDefaultEditRequest() cdn77.CdnEditJSONRequestBody {
 		RateLimit:          &cdn77.RateLimit{},
 		SecureToken:        &cdn77.SecureToken{Type: cdn77.SecureTokenTypeNone},
 		Ssl:                &cdn77.CdnSsl{Type: cdn77.InstantSsl},
-		Waf:                &cdn77.Waf{},
 	}
 }
 
diff --git a/internal/provider/cdn/cdn_test.go b/internal/provider/cdn/cdn_test.go
index e187ea4..0eeae64 100644
--- a/internal/provider/cdn/cdn_test.go
+++ b/internal/provider/cdn/cdn_test.go
@@ -76,7 +76,6 @@ func TestAccCdnResource(t *testing.T) {
 				attrEq("rate_limit_enabled", "false"),
 				attrEq("secure_token.type", string(cdn77.SecureTokenTypeNone)),
 				attrEq("ssl.type", string(cdn77.InstantSsl)),
-				attrEq("waf_enabled", "false"),
 
 				resource.TestCheckNoResourceAttr(rsc, "stream"),
 				resource.TestCheckNoResourceAttr(rsc, "cache.max_age_404"),
@@ -157,7 +156,6 @@ func TestAccCdnResource(t *testing.T) {
 				attrEq("secure_token.token", "abcd1234"),
 				attrEq("secure_token.type", string(cdn77.SecureTokenTypePath)),
 				attrEq("ssl.type", string(cdn77.InstantSsl)),
-				attrEq("waf_enabled", "false"),
 
 				resource.TestCheckNoResourceAttr(rsc, "stream"),
 				resource.TestCheckNoResourceAttr(rsc, "geo_protection.countries"),
@@ -265,7 +263,6 @@ func TestAccCdnResource(t *testing.T) {
 						type = "SNI"
 						ssl_id = "{sslId}"
 					}
-					waf_enabled = true
 				}`,
 				"sslId", sslId,
 			),
@@ -315,7 +312,6 @@ func TestAccCdnResource(t *testing.T) {
 				attrEq("secure_token.type", string(cdn77.SecureTokenTypePath)),
 				attrEq("ssl.ssl_id", sslId),
 				attrEq("ssl.type", string(cdn77.SNI)),
-				attrEq("waf_enabled", "true"),
 
 				resource.TestCheckNoResourceAttr(rsc, "stream"),
 
@@ -409,7 +405,6 @@ func TestAccCdnResource(t *testing.T) {
 						acctest.EqualField("secure_token.token", *c.SecureToken.Token, "abcd1234"),
 						acctest.EqualField("ssl.type", c.Ssl.Type, cdn77.SNI),
 						acctest.EqualField("ssl.ssl_id", *c.Ssl.SslId, sslId),
-						acctest.EqualField("waf_enabled", c.Waf.Enabled, true),
 					)
 				}),
 			),
@@ -446,7 +441,6 @@ func TestAccCdnResource(t *testing.T) {
 				attrEq("rate_limit_enabled", "false"),
 				attrEq("secure_token.type", string(cdn77.SecureTokenTypeNone)),
 				attrEq("ssl.type", string(cdn77.InstantSsl)),
-				attrEq("waf_enabled", "false"),
 
 				resource.TestCheckNoResourceAttr(rsc, "stream"),
 				resource.TestCheckNoResourceAttr(rsc, "cache.max_age_404"),
@@ -561,7 +555,6 @@ func TestAccCdnDataSource_OnlyRequiredFields(t *testing.T) {
 				attrEq("rate_limit_enabled", "false"),
 				attrEq("secure_token.type", string(cdn77.SecureTokenTypeNone)),
 				attrEq("ssl.type", string(cdn77.InstantSsl)),
-				attrEq("waf_enabled", "false"),
 
 				resource.TestCheckNoResourceAttr(rsc, "stream"),
 				resource.TestCheckNoResourceAttr(rsc, "cache.max_age_404"),
@@ -655,7 +648,6 @@ func TestAccCdnDataSource_AllFields(t *testing.T) {
 		RateLimit:   &cdn77.RateLimit{Enabled: true},
 		SecureToken: &cdn77.SecureToken{Token: util.Pointer("abcd1234"), Type: cdn77.SecureTokenTypePath},
 		Ssl:         &cdn77.CdnSsl{SslId: util.Pointer(sslId), Type: cdn77.SNI},
-		Waf:         &cdn77.Waf{Enabled: true},
 	}
 	cdnEditResponse, err := client.CdnEditWithResponse(context.Background(), cdnId, cdnEditRequest)
 	acctest.AssertResponseOk(t, "Failed to edit CDN: %s", cdnEditResponse, err)
@@ -709,7 +701,6 @@ func TestAccCdnDataSource_AllFields(t *testing.T) {
 			attrEq("secure_token.type", string(cdn77.SecureTokenTypePath)),
 			attrEq("ssl.ssl_id", sslId),
 			attrEq("ssl.type", string(cdn77.SNI)),
-			attrEq("waf_enabled", "true"),
 
 			resource.TestCheckNoResourceAttr(rsc, "stream"),
 		),
@@ -786,7 +777,6 @@ func checkCdnDefaults(
 			acctest.EqualField("https_redirect.code", c.HttpsRedirect.Code, nil),
 
 			acctest.EqualField("mp4_pseudo_streaming_enabled", *c.Mp4PseudoStreaming.Enabled, false),
-			acctest.EqualField("waf_enabled", c.Waf.Enabled, false),
 			acctest.EqualField("ssl.type", c.Ssl.Type, cdn77.InstantSsl),
 			acctest.EqualField("ssl.ssl_id", c.Ssl.SslId, nil),
 			acctest.EqualField("hotlink_protection.code", c.HotlinkProtection.Type, cdn77.Disabled),
diff --git a/internal/provider/cdn/reader.go b/internal/provider/cdn/reader.go
index 11aec21..77ce7e6 100644
--- a/internal/provider/cdn/reader.go
+++ b/internal/provider/cdn/reader.go
@@ -126,7 +126,6 @@ func (r *Reader) Process(ctx context.Context, model Model, cdn *cdn77.Cdn, diags
 			Type:  types.StringValue(string(cdn.Ssl.Type)),
 			SslId: types.StringPointerValue(cdn.Ssl.SslId),
 		},
-		WafEnabled: types.BoolValue(cdn.Waf.Enabled),
 	}
 }
 
diff --git a/internal/provider/cdn/schema.go b/internal/provider/cdn/schema.go
index f143d4d..b37aa0a 100644
--- a/internal/provider/cdn/schema.go
+++ b/internal/provider/cdn/schema.go
@@ -41,7 +41,6 @@ type Model struct {
 	RateLimitEnabled          types.Bool              `tfsdk:"rate_limit_enabled"`
 	SecureToken               *ModelSecureToken       `tfsdk:"secure_token"`
 	Ssl                       *ModelSsl               `tfsdk:"ssl"`
-	WafEnabled                types.Bool              `tfsdk:"waf_enabled"`
 }
 
 type ModelStream struct {
@@ -557,14 +556,6 @@ func CreateResourceSchema() schema.Schema {
 					},
 				)),
 			},
-			"waf_enabled": schema.BoolAttribute{
-				Optional: true,
-				Computed: true,
-				Description: `Protect your website against XSS, SQL injection and more with our SmartWAF. ` +
-					`We're using OWASP Core Rule Set (CRS) to protect your data against the most exploited ` +
-					`vulnerabilities.`,
-				Default: booldefault.StaticBool(false),
-			},
 		},
 	}
 }