A standalone Layer-7 WAF, CDN and bot-defense platform with Free Universal edge SSL and global multi-edge routing — one console for security, delivery and observability.
Control plane, two public edges, a logs worker and a monitor/backup node — every node health-checked from the console.
Traffic enters the nearest AegisEdge edge, where it is inspected by the WAF, challenged if suspicious, and served from cache when possible — before it ever reaches your origin. edge-1 and edge-2 run today, with failover between them.
Honest scope: AegisEdge delivers Layer-7 protection. Large volumetric L3/L4 floods still require upstream provider filtering, scrubbing, or anycast before traffic reaches the application layer.
Layered protection managed from one console — enable per domain, start in monitor mode, then switch to block.
SQL/NoSQL injection, XSS, command & template injection, path traversal, SSRF and XXE patterns with response leak scanning.
Behavioural scoring on pointer, touch and timing signals, with adaptive challenges and auto temporary blacklisting.
JavaScript, timing and header verification with Cloudflare Turnstile and Google reCAPTCHA support.
Method policy, JWT & schema validation hooks and sensitive-path controls (API Shield).
Adaptive token buckets, login throttles, post-pass flood detection and under-attack mode.
HSTS, CSP, frame and referrer policy, plus origin-IP shielding so only edge IPs reach your server.
Add a domain, point DNS to AegisEdge, and issue a certificate at the edge — no cost, no manual renewals. Choose the encryption mode that fits your origin.
Certificate lifecycle is tied to your account and domains. Per-account issuance and renewal automation is being finalized.
Traffic analytics, attack timelines, edge health and audit events — streamed to a dedicated logs worker and surfaced in the console.
Live request stream with decision, rule and source detail.
Blocked and challenged requests over time, by class.
Per-node status, latency and reachability checks.
Auth & config audit log with Telegram, Slack, Discord and email alerts.
From adding a domain to watching live traffic — start in monitor mode, then enable full protection with confidence.
Create the domain, origin pool and DNS zone.
Send traffic to AegisEdge via a proxied record.
Set the origin and firewall it to edge IPs.
Turn on protection, caching and Free SSL.
Watch events, then switch WAF to block.
Onboard a domain in monitor mode, review the events, then switch to full protection with Free Universal SSL.