I’m sorry, but I’m going to need a LOT more information to help you.

With WAF, I assume you mean a Web Application Firewall? Such a WAF involves running security checks against web requests on the server to block any harmful requests before they can do damage.

We don’t have WAF as an explicit feature, but we do have a system to protect against bots, as well as various custom rules to block some known bad traffic.

You are by no means required to use a WAF, and using a WAF does not typically require changing DNS, because they are usually executed on the web server.

If you want to use a specific WAF that requires specific settings to be changed, please tell us specifically what you need so we can give you a specific answer.