Freely use the open source version of BunkerWeb to secure your web services. This solution is perfectly suited for hobbyists, organizations with no specific professional needs or simply for testing the solution before using it.
Explore our professional plans with no commitment.
If the Free plan isn’t enough for your needs, we’ve got you covered — our PRO offers give you access to advanced features, enhanced protection, and expert support.
Enjoy a 30-day free trial on all paid plans and discover the full potential of BunkerWeb.
Upgrade or cancel anytime — you’re in control.
Shield
Perfect for SMBs, tech startups, and growing IT projects
Fortress
Designed for multi-site organizations, scale-ups, and sensitive industries (healthcare, finance, education...)
Sentinel
Do you have specific needs? Let's find a tailored solution to fit your unique requirements
A fully tailored solution, built around your specific business needs.
BunkerWeb CLOUD gives you the flexibility and transparency of open source security, with the convenience of a SaaS solution fully operated by our experts.
The essential
Tell us more about your project, we will come back to you shortly.
| Plugin | Description | Category |
|---|---|---|
| Antibot | Detects and blocks typical malicious bot behavior. | Core (Free) |
| Auth basic | Protects access to certain resources using basic HTTP authentication. | Core (Free) |
| Backup | Local backup of BunkerWeb configuration and settings. | Core (Free) |
| Bad Behavior | Filters abnormal HTTP requests to prevent abuse. | Core (Free) |
| Blacklist | Manually blocks specific IPs or IP ranges. | Core (Free) |
| Brotli | Enables Brotli compression to optimize page load times. | Core (Free) |
| BunkerNet | Community-based IP blocking via the BunkerNet network. | Core (Free) |
| Client cache | Configures cache headers for clients to improve performance. | Core (Free) |
| CORS | Manages permissions for cross-origin requests (CORS). | Core (Free) |
| Country | Applies rules based on the visitor's country of origin. | Core (Free) |
| CrowdSec | Integrates CrowdSec's collaborative IP protection. | Core (Free) |
| Custom SSL certificate | Allows using custom SSL certificates to secure connections. | Core (Free) |
| DNSBL | Checks client IPs against public DNS blacklists to detect threats. | Core (Free) |
| Database | Configures access to a database to store specific data. | Core (Free) |
| Errors | Customizes the HTTP error pages shown to users. | Core (Free) |
| Greylist | Introduces a delay for certain requests to detect suspicious behavior. | Core (Free) |
| Gzip | Enables Gzip compression to reduce HTTP response sizes and speed up load times. | Core (Free) |
| HTML injection | Injects custom HTML into served pages (e.g., banners or scripts). | Core (Free) |
| Headers | Manages and modifies HTTP headers to enhance security and privacy. | Core (Free) |
| Let's Encrypt | Automatically handles SSL certificates via Let's Encrypt. | Core (Free) |
| Limit | Limits requests from the same source to prevent abuse or DoS attacks. | Core (Free) |
| Metrics | Collects and exposes performance metrics for monitoring. | Core (Free) |
| Miscellaneous | Provides additional options to fine-tune BunkerWeb behavior. | Core (Free) |
| ModSecurity | Integrates the ModSecurity WAF engine for advanced protection. | Core (Free) |
| PHP | Configures and optimizes PHP script execution for web apps. | Core (Free) |
| Real IP | Ensures BunkerWeb uses the client’s real IP by analyzing appropriate headers. | Core (Free) |
| Redirect | Configures URL redirections to direct traffic as needed. | Core (Free) |
| Redis | Integrates Redis for temporary data storage and caching. | Core (Free) |
| Reverse Proxy | Enables BunkerWeb to act as a reverse proxy, routing requests to backend servers. | Core (Free) |
| Reverse scan | Analyzes client behavior in response to specific info to detect anomalies. | Core (Free) |
| SSL | Manages SSL/TLS settings to secure connections, including certificate and protocol support. | Core (Free) |
| Security.txt | Serves a standards-compliant `security.txt` file for security contact info. | Core (Free) |
| Self-signed certificate | Automatically generates and uses self-signed SSL/TLS certificates — ideal for dev or internal use. | Core (Free) |
| Sessions | Manages user sessions, including cookie settings and expiration. | Core (Free) |
| Web UI | Provides a web interface to manage and configure BunkerWeb easily. | Core (Free) |
| Whitelist | Manages a list of trusted IPs with unrestricted access. | Core (Free) |
| Plugin | Description | Category |
|---|---|---|
| ClamAV | Local antivirus scanning for uploaded files. | External (Free with setup) |
| Coraza | High-performance open-source WAF based on OWASP CRS. | External (Free with setup) |
| Discord | Sends security alerts to a Discord channel via webhook. | External (Free with setup) |
| Slack | Sends security alerts to a Slack channel via webhook. | External (Free with setup) |
| VirusTotal | Scans uploaded files via the VirusTotal API. | External (Free with setup) |
| Webhook | Sends customizable alerts to a specified HTTP endpoint. | External (Free with setup) |
The PRO list plugins :| Plugin | Description | Category |
|---|---|---|
| Anti-DDoS | Advanced protection against DDoS attacks. | PRO (Paid) |
| Backup S3 | Remote backup to Amazon S3. | PRO (Paid) |
| Migration | Easily migrate the database between environments. | PRO (Paid) |
| Monitoring | Monitor service status and performance. | PRO (Paid) |
| Prometheus Exporter | Exposes metrics for Prometheus, compatible with Grafana. | PRO (Paid) |
| Reporting | Generates weekly or monthly usage and threat reports. | PRO (Paid) |
| User Manager | Manage users and their access rights. | PRO (Paid) |
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF).
Being a full-featured web server focused on cybersecurity, it will protect your web services to make them "secure by default". BunkerWeb integrates seamlessly into your existing environments (Linux, Docker, Swarm, Kubernetes, …) and is fully configurable (don't panic, there is an awesome web UI if you don't like the CLI) to meet your own use-cases . In other words, cybersecurity is no more a hassle.
BunkerWeb contains primary security features as part of the core but can be easily extended with additional ones thanks to a plugin system.
BunkerWeb protects your web applications from a wide range of threats, including SQL injection, XSS, and DDoS attacks. It also provides features like rate limiting and WAF customization to tailor protection to your specific needs."
With BunkerWeb, you can safeguard your web services from common vulnerabilities and attacks. It offers comprehensive protection for your applications and APIs.
BunkerWeb sets itself apart from other Web Application Firewalls (WAFs) through several key features:
BunkerWeb can be easily integrated into your existing infrastructure as a reverse proxy, intercepting all HTTP/HTTPS traffic to your web applications. It supports various deployment options, including:
Yes, BunkerWeb is designed with user-friendliness in mind. It features an intuitive web interface that allows you to configure and manage your WAF without requiring in-depth technical expertise. Additionally, the comprehensive documentation and active community provide ample support for users of all levels.
Key factors contributing to BunkerWeb's ease of use include:
In summary, BunkerWeb is a powerful and flexible WAF that offers a combination of advanced features, ease of use, and community support, making it an excellent choice for organizations seeking to enhance their web application security.
Whether you’re looking for support, more information, or just want to connect, the BunkerTeam is ready to assist. Let’s secure the web together!
