Atomic Edge highlights differentiators including IP restriction by URI path, smart rate limiting by route and HTTP method, built-in DDoS mitigation, custom page rules management through a UI or programmable interface, and real-time global security rule updates. It also emphasizes seamless integration with modern stacks, CI/CD pipelines, and APIs.
Cloud Edge WAF for WordPress
Stop WordPress login attacks, REST API abuse, and WooCommerce bot traffic
before PHP runs.
Add one WordPress site and see which login attacks, bot requests, and exploit probes are stopped at the edge before they hit PHP, plugins, or your host. Start free, validate the traffic, and upgrade only when you need path rules, tighter rate limits, or better operator visibility.
Start free on one siteSee blocked traffic from the dashboardNo full nameserver delegationUpgrade when path rules matter
Start with one WordPress site. Upgrade only when you need tighter controls
For most developers and site owners, the right first step is simple: protect one live site, confirm what the edge stops, then pay only when login, admin, API, or checkout paths need more control.
Start free on one site
Best for proving that login probes, XML-RPC abuse, REST API noise, and common WordPress attack traffic can be filtered before PHP runs.
Upgrade when path-level control matters
Move to Pro when login, admin, checkout, REST API, or client-specific paths need different rules, tighter rate limits, geo controls, or CDN/cache visibility.
Need multi-site help later?
Keep this for later if you manage multiple WordPress installs and need centralized reporting, CVE response, or higher-touch support.
What your first free-site win should look like
The free tier should prove one thing quickly: Atomic Edge is stopping the noisy WordPress traffic that plugins only see after PHP wakes up. Upgrade when that protection needs to become operationally specific.
See login and XML-RPC noise stop earlier
Use the free tier on one site and confirm that wp-login.php, xmlrpc.php, and common probe paths are being filtered before PHP work starts.
Check the edge, not just wp-admin
Review blocked requests, countries, IPs, and rule activity from the dashboard and plugin so you can judge whether the edge is catching the traffic your origin should never have to process.
Upgrade when checkout, admin, or API paths need special handling
Move to Pro when WooCommerce checkout, wp-admin, REST API routes, or client-specific paths need dedicated rules, tighter rate limits, geo controls, or deeper operator visibility.
See how Atomic Edge protects WordPress
Watch how Atomic Edge filters malicious traffic before it reaches WordPress, and why edge protection is different from relying only on a plugin.
What you unlock with Atomic Edge Pro
Pro is for the moment when a single free-site proof turns into an operational requirement: path-specific rules, geo filtering, WAF logs, CDN/cache controls, advanced rate limits, and CVE-aware rules.
Bad trafficBrute force, bots, plugin exploit attempts, XML-RPC abuse
→
Atomic Edge WAFCoraza, OWASP CRS, WordPress path rules, rate limits
→
Clean trafficOnly allowed requests continue to WordPress and PHP
Page rules for WordPress paths
Apply different controls to wp-login.php, wp-admin, XML-RPC, REST API routes, WooCommerce checkout, and plugin-specific paths. Protect sensitive areas without slowing down the rest of your site.
Geo filtering
Restrict sensitive paths by country without blocking your entire website or changing your DNS provider. Useful for admin areas, login pages, and regions you do not serve.
Smart rate limiting
Slow down brute force attempts, bot traffic, and abusive endpoint hits without punishing normal visitors.
CDN and cache visibility
Improve performance while seeing which requests are cached, blocked, challenged, or passed through to origin. Security and performance should be visible in one place.
CVE-aware virtual patching
Use WAF rules mapped to emerging WordPress plugin vulnerabilities while you patch safely.
Centralized visibility
See blocked attacks, IPs, countries, rule triggers, and site-level activity from the Atomic Edge dashboard and WordPress integration.
Why Atomic Edge Works for WordPress Security
Real-Time Threat Detection
Atomic Edge combines managed rules and behavioral analysis to spot WordPress attack patterns early, including brute-force bursts, exploit probes, and abusive bot traffic.
OWASP Top 10 Protection
Comprehensive coverage against the most critical web application vulnerabilities: SQL injection, cross site scripting, broken authentication, security misconfigurations, and more. Every request is evaluated against premium firewall rules aligned with OWASP standards.
No Nameserver Changes Required
Unlike other cloud firewall solutions that require full DNS delegation, Atomic Edge works with a simple A record change. Keep your existing DNS configuration. Maintain full control of your domain. Setup takes minutes, not hours.
WordPress-Optimized Firewall Rules
Custom protection for the attack surfaces that matter most: wp-login.php, your WordPress admin area, REST API endpoints, and vulnerable plugin paths. Rate limiting on login attempts stops brute force attacks before they overwhelm your server.
Protect Without WordPress Overhead
Filtering happens before requests reach WordPress, so bad traffic is less likely to consume PHP workers, plugin code, or database capacity. Protection stays outside your theme and plugin stack, which also reduces security-plugin conflict risk.
AI Bot Blocking
Block malicious bots, scrapers, credential stuffers, and spam bots automatically. Atomic Edge distinguishes between legitimate crawlers and harmful traffic using behavioral analysis—not just IP addresses.
Why use an edge WAF instead of only a WordPress security plugin?
Most WordPress security plugins run inside WordPress. That means the request has already reached PHP, your plugins, your theme, and your hosting stack. Atomic Edge filters traffic before it reaches WordPress, which helps reduce origin load and gives you edge-level controls for login, admin, API, checkout, and vulnerable plugin paths.
Block earlier
Filter malicious traffic before it reaches WordPress, PHP, plugins, or your hosting server.
Control sensitive paths
Apply rules to wp-login.php, wp-admin, XML-RPC, REST API routes, WooCommerce checkout, and plugin-specific URLs.
Reduce plugin conflict risk
Atomic Edge works at the edge instead of adding another heavy security layer inside WordPress.
What Makes Atomic Edge Different from Other WordPress Security Solutions
URI Path Protection
Granular firewall rules by URL path. Apply strict rate limiting to wp-login.php without affecting your homepage. Block specific IP addresses from your WordPress admin area while allowing normal access elsewhere. Protect REST API endpoints with custom rules that match your site’s actual usage patterns.
Smart Rate Limiting
Intelligent throttling that stops brute force attacks without blocking legitimate users. Unlike blunt rate limits that frustrate real visitors, Atomic Edge analyzes request patterns to distinguish between a user who mistyped their password and an automated attack attempting thousands of login attempts.
WordPress Plugin Integration
The companion WordPress plugin gives you blocked-request visibility, alerts, and firewall activity inside wp-admin, while the Atomic Edge dashboard handles policy changes, deeper inspection, and multi-site oversight when you need it.
Virtual Patching
When a WordPress vulnerability is disclosed, Atomic Edge can ship managed firewall rules to help reduce exposure while you validate and apply the real patch. It is a mitigation layer, not a replacement for updating the vulnerable plugin or theme.
Rapid Threat Response
Atomic Edge pairs managed rules with behavioral detection to surface exploit probes, brute-force bursts, scanner traffic, and abnormal request patterns that deserve review or blocking.
No Plugin Conflicts
Plugin based firewall solutions run inside WordPress. They compete for PHP resources, can conflict with themes or other security plugins, and create compatibility issues during updates. Atomic Edge runs at the network edge, completely independent of your WordPress installation.
Who Atomic Edge Is Built For
WordPress Site Owners
You want reliable security without becoming a security expert. Atomic Edge protects your WordPress website from common attacks with minimal configuration. Even the free version covers OWASP Top 10 threats and brute force protection.
Web Agencies Managing Client Sites
You manage dozens of WordPress sites with different risk levels. Atomic Edge gives you centralized visibility, consistent protection, and upgrade-ready controls for client sites without adding another complex security stack.
E-commerce WordPress Sites
Your WooCommerce store needs protection that does not damage checkout performance. Atomic Edge helps control malicious traffic, login abuse, checkout bots, and suspicious requests before they reach your store.
WordPress Developers
You build custom themes, plugins, and applications on WordPress. Atomic Edge protects your staging environments and production deployments while giving you detailed logs to debug legitimate traffic issues. API endpoints get the same protection as traditional WordPress pages.
Bloggers and Content Creators
You focus on creating engaging content and need a security solution that works quietly in the background. Atomic Edge safeguards your site from spam, malicious bots, and targeted attacks without requiring technical expertise or constant monitoring.
Small Business Owners
Start with free protection, then upgrade when you need page rules, geo filtering, CDN caching, and stronger controls for your business website.
Choose the edge protection that fits your WordPress stack
Free
Ideal for personal sites, hobby projects, and low-risk installs
Free
OWASP Core Rule Set
Basic Rate Limiting
Custom Ruleset
Geographic Protection
Restricted Threshold-based Rate Limiting
Advanced Analytics
API Access
Community Support
Advanced
For production WordPress sites, client work, and growing traffic
$6
Per Month
Everything in Free, plus:
CMS-Specific Rules
IP Restriction by URI
Flexible Threshold-based Rate Limiting
Analytics Dashboard
API Access
Email Support
Custom / Enterprise
Only for teams that need managed support, custom rules, or multi-site coordination beyond the Advanced plan.
Custom
Only when Advanced is no longer enough:
Custom Rule Engineering
Zero-Day Rule Deployment
Priority SLA Support
Account Manager
Multi-Site Management
Frequently Asked Questions
What is Atomic Edge and how does it protect my website?
Cloud-based WAF protection between visitors and your originAtomic Edge is a cloud-based Web Application Firewall (WAF) that sits between your website visitors and your web server. It inspects incoming traffic and blocks malicious requests before they reach your site. It’s designed to be straightforward to set up (no nameserver change required) and works well for WordPress and other modern stacks.
What types of attacks does Atomic Edge block?
Coverage for common web exploits and OWASP-aligned threatsAtomic Edge protects against common attacks including SQL injection, cross-site scripting (XSS), remote file inclusion, command injection, and brute-force attempts. It uses the OWASP Core Rule Set and includes specialized rulesets for WordPress sites.
Do I need to change my nameservers to use Atomic Edge?
No—setup is designed to be DNS-record basedAtomic Edge does not require a nameserver change. Setup is as easy as changing your domain’s A record.
How do I configure DNS to use Atomic Edge?
Point A/AAAA records to the provided endpoint addressesAfter creating your site, Atomic Edge provides endpoint addresses. Update your DNS records with your DNS provider:
-
A record → Atomic Edge IPv4
-
AAAA record → Atomic Edge IPv6 (if provided)
DNS propagation is typically 5–60 minutes.
-
What's the difference between the Free, Advanced, and Enterprise plans?
Plan tiers vary by limits, rule coverage, and supportAtomic Edge positions three plans with differences across:
-
Number of sites (Free up to 100; Advanced/Enterprise unlimited)
-
Rulesets (Free: OWASP Core only; Advanced/Enterprise: all rulesets)
-
Page protection rules (Free 5 max; Advanced 30 max; Enterprise unlimited)
-
Rate limiting capacity (Free/Advanced up to 10,000 RPM; Enterprise unlimited)
-
Priority support (Enterprise)
-
How does rate limiting work, and how should I configure it?
Request-per-minute controls per IP and URI patternRate limiting caps how many HTTP requests a single IP can make to specific URI patterns. When exceeded, the user receives an HTTP 429 response. It’s configured as a Page Protection Rule in the Access Control tab (choose Rate Limiting, set a URI pattern, and set Requests Per Minute). Suggested starting points include 60–120 RPM for normal pages, 30–60 RPM for API endpoints, and 10–30 RPM for login pages.
Can I block AI bots from scraping my content?
Built-in AI bot protection with selectable providersAtomic Edge includes AI Bot Protection and lists support for blocking major AI crawlers (including OpenAI, Anthropic, Google AI’s Google-Extended, DeepSeek, GitHub Copilot, and Perplexity). Enable it in the Bot Protection tab by toggling Bot Blocking, selecting providers, and choosing a response code (403, 404, or 451). It also states this does not affect legitimate search engines like Google Search or Bing.
How do I protect specific pages like my admin area or login page?
Page Protection Rules for IP restrictions, CAPTCHA, and rate limitingUse Page Protection Rules in the Access Control tab to apply controls to specific URIs. Examples given include:
-
IP restriction for
/admin/*(including a “stealth mode” 404 response) -
CAPTCHA challenge for
/wp-login.php -
Rate limiting for
/api/*
-
How long does it take for changes to take effect?
Most settings deploy quickly, while DNS depends on propagationMost configuration changes take effect within seconds after saving and are deployed to distributed endpoints. Exceptions called out include DNS propagation (typically 5–60 minutes), bot IP lists updated daily, and WAF rulesets maintained automatically.
What makes Atomic Edge different from a typical WAF?
Granular controls, rapid updates, and developer-friendly integration
Trusted by Developers & Organizations
Designed for WordPress teams, developers, agencies, and organizations that need practical edge protection without added complexity.
