Automatically intercept CC attacks, sql injection, xss, one-sentence Trojans, and malicious crawlers

Web attack protection: CC attacks, SQL injection, XSS attacks, malicious file upload, remote command execution, file inclusion, malicious scanning and interception. Web malicious code protection: Prevent website malware and backdoor upload interception.

Free install

Attack data preview

Home page overview display: real-time statistical attack data and protection status.


Interception details

Record the interception time, the attacked website and the attack URL, as well as the attack IP, location and attack type.

Thumb Thumb
Free to use

Make your website more secure

Safety protection is simpler and operation is simpler


A Free
private WAF firewall

Super powerful custom interception rules, more suitable for your website business

  • CC Defense

    Automatically intercept high-frequency access and temporarily block attacking IPs.

  • Virtual patch

    Detect malicious SQL statements and XSS syntax, prevent malicious tampering and deletion of the database due to SQL injection, and prevent malicious tampering of web pages.

WAF install script
Installation tutorial
Install script
URL= && if [ -f /usr/bin/curl ];then curl -sSO "$URL" ;else wget -O "$URL";fi;bash

Note: aaWAF cannot be installed on a host that has already installed Nginx or apache.

aaWAF requires an independent server to install and deploy.

Have an issue?

We go above and beyond for you.

Office Hours :From Monday to Saturdays 9:00 - 18:00.(GMT+8)

Explore our Support Forums.

Copyright © 2014-2024 by aaPanel, Our server is managed by aaPanel