Global edge security network

AegisEdge protects, accelerates, and observes every request.

A standalone Layer-7 WAF, CDN and bot-defense platform with Free Universal edge SSL and global multi-edge routing — one console for security, delivery and observability.

L7 WAF & bot defense Free Universal SSL Multi-edge routing
Edge routing active Threats filtered globally
5Fleet nodes
2Public edges
7Edge regions
Fleet

Your five-node edge fleet, live.

Control plane, two public edges, a logs worker and a monitor/backup node — every node health-checked from the console.

core-1
Control plane, console, Postgres & Redis
5.175.249.10
edge-1
Public WAF / CDN edge
5.175.249.15
edge-2
Secondary WAF / CDN edge
5.175.249.12
logs-worker
Logs, analytics & events
89.144.30.46
monitor-backup
Monitoring, backups & ns2
89.144.30.24
Global edge network

Requests are routed, filtered, and cached at the edge.

Traffic enters the nearest AegisEdge edge, where it is inspected by the WAF, challenged if suspicious, and served from cache when possible — before it ever reaches your origin. edge-1 and edge-2 run today, with failover between them.

2Active public edges (edge-1, edge-2)
7Edge regions modeled
8Threat classes covered
100%Requests inspected at L7

Honest scope: AegisEdge delivers Layer-7 protection. Large volumetric L3/L4 floods still require upstream provider filtering, scrubbing, or anycast before traffic reaches the application layer.

Security stack

Defense-in-depth at the edge.

Layered protection managed from one console — enable per domain, start in monitor mode, then switch to block.

WAF rules

SQL/NoSQL injection, XSS, command & template injection, path traversal, SSRF and XXE patterns with response leak scanning.

Bot management

Behavioural scoring on pointer, touch and timing signals, with adaptive challenges and auto temporary blacklisting.

Browser challenges

JavaScript, timing and header verification with Cloudflare Turnstile and Google reCAPTCHA support.

API protection

Method policy, JWT & schema validation hooks and sensitive-path controls (API Shield).

DDoS / L7 rate limiting

Adaptive token buckets, login throttles, post-pass flood detection and under-attack mode.

Security headers & origin shielding

HSTS, CSP, frame and referrer policy, plus origin-IP shielding so only edge IPs reach your server.

Free Universal SSL

Every protected site gets free edge SSL, with automatic renewal.

Add a domain, point DNS to AegisEdge, and issue a certificate at the edge — no cost, no manual renewals. Choose the encryption mode that fits your origin.

FlexibleHTTPS to the visitor; HTTP to origin. Quick start.
FullHTTPS end-to-end; origin certificate not strictly validated.
Full (Strict)HTTPS end-to-end with a validated origin certificate.
Recommended
example.comSSL active
IssuerLet's Encrypt
ModeFull (Strict)
Auto-renewenabled
Force HTTPSon
HSTSafter verification

Certificate lifecycle is tied to your account and domains. Per-account issuance and renewal automation is being finalized.

Observability

See every request, attack, and event.

Traffic analytics, attack timelines, edge health and audit events — streamed to a dedicated logs worker and surfaced in the console.

Request logs

Live request stream with decision, rule and source detail.

Attack timeline

Blocked and challenged requests over time, by class.

Edge health

Per-node status, latency and reachability checks.

Audit & alerts

Auth & config audit log with Telegram, Slack, Discord and email alerts.

Onboarding

Protect a site in five steps.

From adding a domain to watching live traffic — start in monitor mode, then enable full protection with confidence.

1
Add domain

Create the domain, origin pool and DNS zone.

2
Point DNS

Send traffic to AegisEdge via a proxied record.

3
Configure origin

Set the origin and firewall it to edge IPs.

4
Enable WAF/CDN/SSL

Turn on protection, caching and Free SSL.

5
Monitor traffic

Watch events, then switch WAF to block.

Pricing

Free SSL included on every plan.

Start free and upgrade for blocking WAF, managed challenges and API protection. Full details on the pricing page.

Free
0 QAR/mo
1 domain · CDN cache · monitor-mode WAF · Free SSL
Start free
Pro
99 QAR/mo
5 domains · block WAF · managed challenges · alerts
Choose Pro
Business
299 QAR/mo
25 domains · API Shield · Zero Trust · analytics
Choose Business
Enterprise
Custom
Dedicated edges · custom DDoS policy · SLA
Contact us

Deploy your first protected site.

Onboard a domain in monitor mode, review the events, then switch to full protection with Free Universal SSL.