WebOrion® Protector

Our industry-leading web application firewall (WAF) and DDoS mitigation solution stops attackers in their tracks.


Security for All Platforms

The WebOrion® Protector provides complete web application security for all platforms, including WordPress, Joomla!, Drupal, Magento, and custom applications. Defend against the OWASP Top Ten threats and previously disclosed software vulnerabilities.

Learn About Web Security

Up-to-Date Threat Intelligence

Our security research team constantly adds new WebOrion® rules and review them to keep you protected 24/7 from the latest and most dangerous threats in the wild. The WebOrion® Protector WAF keeps your websites safe by publishing new rules as soon as vulnerabilities are announced.


Industry Leading WAF Engine

The WebOrion® Protector WAF uses an intelligent anomaly-scoring, heuristics and signature-based WAF engine to effectively discern between good traffic and malicious traffic. Optimized for speed and minimized false positives, your website can start enjoying better security with the WebOrion® Protector WAF without a single minute of downtime.


Mitigate DDoS Attacks

The WebOrion® Protector works together with the WebOrion® Accelerator to stand in front of your web server, regardless of DDoS attack size. We disperse traffic within our globally distributed and stop attacks at the edge, so that your web server remains safe from attack.


Free Managed SSL Certificates

All domains on WebOrion® come free with a LetsEncrypt SSL certificate, automatically provisioned and renewed every 90 days. Improve page load performance, regain your users’ trust and boost your search engine rankings just by using HTTPS.

Alternatively, you can always upload your own custom SSL certificate when you sign up for the Pro plan or higher.

How the WebOrion® Protector WAF Works


Seamless Inspection

The WebOrion® Protector sits in between the visitor and your web server, inspecting all web traffic going in and out of your website.


Intelligent Filtering

If the WebOrion® Protector detects any malicious requests, it will stop the traffic before it reaches your web server, keeping it safe from exploits.


Preventive Blacklisting

Any blocked requests will show up in the Firewall Event Log, where you can review the detected threats and attack attempts to your website to further blacklist bad IP addresses.

Easy to Use and Configure

Check out a quick demo of the WebOrion® Protector WAF in action.

Complete Feature Comparison

Web Application Firewall
Protection against the OWASP Top Ten and other generic threats
Protects against SQL injections, XSS, LFI, RFI, RCE attacks.
Protection against information disclosure
Prevents display of SQL error messages, directory listings, etc.
Platform-specific protection (WordPress, Joomla!, Drupal, etc.)
Block bad bots and IP addresses
IP whitelist/blacklist
Searchable real-time firewall event log
Firewall event log retention 7 days 7 days Contact us
Custom WAF whitelisting rules 3 rules 100 rules
Custom WebOrion® Protector rules
DDoS Protection
Basic DDOS - Layer 3 & 4 Protection
Protects against common attacks such as UDP Flood, Ping of Death, SYN Flood. DDOS attacks will not be counted towards your monthly data transfer
Advanced DDoS- Layer 3, 4 & 7 Protection
Protect against Layer 7 HTTP/HTTPS attacks. DDOS attacks will not be counted towards your monthly data transfer
Contact us Contact us Contact us

Why take the risk?

Fortify, accelerate and monitor your website today.

Thank you, your form has sent successfully