diff --git a/docs/waf-modsecurity.md b/docs/waf-modsecurity.md new file mode 100644 index 0000000..e1dd384 --- /dev/null +++ b/docs/waf-modsecurity.md @@ -0,0 +1,46 @@ +# DD - Apache2 ModSecurity + HAProxy + +Installation of Apache2 ModSecurity and HAProxy. + +* In Apache2 with ModSecurity V3 enabled are included the OWASP rules. +* HAProxy service acts as application frontend and administers and negotiates the SSL domain certificate using Letsencrypt. +* Modsecurity is disabled by default when installing DD. +* The installation can be done with or without WAF part. +* If you have installed WAF you can set in bypass mode or enabled mode. + +## Apache - ModSecurity + +You can find the service definition in `dd-sso/docker/waf-modsecurity`. + +There are different files to set up this service: + +* `000-default.conf` contains Apache2 web service settings. +* `crs-setup.conf` is where is configured the OWASP ModSecurity Core Rule Set ver.3.2.0 . +* `modsec_rules.conf` contains the needed files for owasp service of Apache2. +* `rules_apps.conf` is where are configured the false positives, of different applications, that needs to be detected until the moment. + +### Enable/Disable + +DD can be used with WAF enabled or disabled, this is set in variable `DISABLE_WAF` in `dd.conf` file. + +The default value is `true` (WAF disabled), this will change in the future. + +``` +# Sample of dd.conf + +# Enable WAF +DISABLE_WAF=false + +# Disable WAF +DISABLE_WAF=true +``` + +### Configuration + +Changes in `dd.conf` are not immediate, you need to deploy again the DD containers using `dd-ctl`: + +```sh +./dd-ctl down +./dd-ctl build +./dd-ctl up +```
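Review bot: The intro list says an installed WAF can be set "in bypass mode or enabled mode", but the Enable/Disable section only documents `DISABLE_WAF` as `true` or `false`, so a reader cannot tell whether bypass mode is the same thing as `DISABLE_WAF=true` or a separate setting. Please name the setting that selects bypass mode, or drop that bullet. In the same section, the sample `dd.conf` block shows both `DISABLE_WAF=false` and `DISABLE_WAF=true` as active lines; copied as-is, the file would carry two conflicting assignments, so show one active line and comment out the alternative. Because the documented default is `true` (WAF disabled), the Enable/Disable section should also say outright that a fresh install runs without ModSecurity inspection until the operator sets `DISABLE_WAF=false` and redeploys with `dd-ctl`. Lastly, the "Configuration" heading only covers how to apply changes; a title such as "Applying changes" would match the content, and the four files listed under "Apache - ModSecurity" (notably `rules_apps.conf` for false-positive exclusions) deserve a sentence on when an operator is expected to edit them.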