BunkerWeb, the open-source and next generation web application firewall (WAF)

Make your web servicessecureby default

Fool attackers and protect your web services with our open-source Web Application Firewall.
BunkerWeb acting as a shield in front of your web services, it blocks attacks before they can hit and guarantees condidentiality, integrity and availability of your data.

Read the doc

1min Video

Web security without any hassle

Placed as a reverse proxy while offering Web Application Firewall (WAF) functionalities, the BunkerWeb solution integrates seamlessly into your existing infrastructure to secure your web services.

BunkerWeb will help you defend against common web threats such as those listed in the OWASP Top 10, block malicious bots, mitigate DDoS attacks and much more…

Use the solution as a single entry point for your web services and easily manage your HTTPS certificates, incoming traffic from external sources, and security policies related to the HTTP protocol. In other words, the security of your websites, applications and APIs is no longer a hassle.

Seamless integration into your existing infrastructure
Reverse proxy with built-in security features

Open-source solution auditable by a third party
Fully configurable to meet your needs

Integrations

More info on how to install BunkerWeb on Linux, Docker and Kubernetes inour documentation

Github repository

Join our discord

AGPLv3 free license

An open-source solution

Distributed under the AGPLv3 free license, the solution’s core code is entirely auditable by a third party and the community. Unlike the opaque “black boxes” available on the market, we’ve made the choice of transparency and peer validation. In other words, we advocate for open security over security through obscurity. Do not choose the shadows anymore, discover the light.

Why Choose Open Source?

Total Transparency: accessible source code ensures maximum trust and security
Active Community: benefit from global collaboration with users worldwide
Sovereignty: keep control and ownership of your data
Customization: tailor the software to meet your project’s specific needs

Do not choose the shadows anymore, discover the light.

Github repository

Our Vision

Transparency

BunkerWeb places transparency at the core of its solution, allowing users access to clear, open code. This approach ensures uncompromised security and offers full visibility into every protective mechanism in place.

Our mission

Auditability

BunkerWeb’s auditability enables users to verify and assess the security measures applied. By providing open access to code and configurations, BunkerWeb facilitates regular audits, enhancing compliance and trust.

Github stars

0K+

daily blocked requests

0K+

global installations

0K+

github commits

0K+

Let's Bunkerize your web services

Explore the possibilities of BunkerWeb, the open-source and next-gen Web Application Firewall (WAF), by testing it yourself.Discover the ecosystem around the solution and get in touch with us if you need more information.

An easy to use and user-friendly web UI

Manage and configure BunkerWeb easily with the web User Interface

Visit the Ui demo

Secure by default

Enforce a “security by default” policy on all your web services.

7.2K+

Stars

Anyone can audit the source code at any timeand we encourage to do so.

Github repository

Discover the BunkerWeb ecosystem

Explore the BunkerWeb ecosystem and various tools we provide to make cybersecurity more accessible and effective.From the demo website to the threat map showing blocked attacks worldwide by the solution, prepare to be amazed.

Use the tools

SOLUTIONS FOR PROFESSIONNALS

We have everything for any project

Does your company or organization have specific needs? Rest assured, we are here to address them.
In addition to the open source solution, we offer turnkey solutions and services tailored to your professional needs.
Whether through the PRO version of the solution, our fully managed service, or custom development, our solutions are flexible and scalable, ensuring that your security posture remains strong as your business evolves.

Need more

The 6 pillars of BunkerWeb

Open security

Forget security through obscurity; the source code of BunkerWeb is fully auditable by a trusted third party.

Secure by default

Apply a "security by default" policy to all your web services protected by BunkerWeb.

Agnostic

Easily install and integrate BunkerWeb into your existing cloud or on-premise environments.

Configuration

Easily and precisely configure each setting to meet your specific needs: BunkerWeb is more than a simple WAF.

Modular

Take advantage of BunkerWeb's modular architecture to easily extend its functionalities.

Professionnals

Meet the professional needs of businesses and organizations in addition to the open-source solution.

They trusted bunkerweb

BunkerWeb is a success story, it used in our production environments.
CityBee

We switched from nginx to BunkerWeb for proxying public facing on-premises hosted applications. I've had zero complaints from end users - if I hadn't posted an internal update they would be none the wiser. It has been working out great for us!
Anthony Kaul

Protecting a site with 4 CPU/8 Go RAM Bunkerweb VM for more than 33 millions HTTPS requests a day.
Sébastien Namèche

The open-source version

Freely use the open-source version of BunkerWeb to secure your web services. This solution is perfectly suited for hobbyists, organizations with no specific professional needs or simply for testing the solution before using it.