New Web Threats Are Growing; Old Threats Have Not Gone Away

dotDefender is a web application firewall plug-in solution, for Apache and for IIS servers- designed as a module for Apache and as an ISAPI filter for IIS.  dotDefender works as part of the web server process, without breaking the network infrastructure. dotDefender is transparent to any external end user accessing the website, and offers:

    Protection against the most common and

sophisticated application security attacks

     Support of HTTP and HTTPS (SSL) traffic

     Negligible additional load and no effect on server performance.

     Simple and quick deployment, without "learning" period

     Minimal maintenance without requiring security expertise

Protect your web applications with dotDefender

Download Now (Windows/Linux)
 A free Web Application Firewall, fully functional 30-day trial.


Web Application Firewalls (WAF) are recognized as the most effective solution for protecting web applications and websites. While firewalls and IPS operate only at the lower network layers, Web Application Firewall is the only solution that provides deep inspection of the HTTP/HTTPS traffic for suspicious behavior that may indicate an attack and provides true layer 7 (application layer) security.
    dotDefender is the most effective and award winning web application firewall.  dotDefender delivers optimal protection against SQL injection, cross-site scripting, website defacement and many other types of application attacks.


dotDefender- Powerful, effective out-of-the-box Web application firewall
dotDefender’s highly effective Web application firewall is based on three powerful security engines working in parallel: pattern recognition, signature knowledgebase and session protection. dotDefender delivers optimal protection against web application attacks including:
                                                    • SQL injection
                                                    • Cross-site- Scripting
                                                    • HTTP Denial of service
                                                    • Attacks bots
                                                    • Scanner tools
                                                    • OS command injections
                                                    • Cookie poisoning
                                                    • Buffer Overflow
                                                    • Path Traversal
                                                    • Probing
                                                    • Session Hijacking
                                                    • Known Spammer Crawlers