SecureGate sits in front of your internal web applications and enforces Microsoft 365 login, group-based access, WAF protection and rate limiting on your own infrastructure.
Features
Everything you need to lock down internal applications — managed from a single dashboard.
Force Microsoft 365 login on any web app. Restrict access to specific Azure AD security groups per domain.
Block SQLi, XSS, path traversal and hundreds of other attack patterns before they reach your application.
Token bucket rate limiting per IP. Auto-ban after repeated violations using nftables firewall rules.
Allow or deny traffic by country per domain. Useful for GDPR-sensitive apps or region-locked services.
Every login, denial and proxy event is logged with timestamp, user, IP and domain. Logs stay on your server.
Azure credentials are never written to disk or passed through a third party. Held in memory only.
How It Works
SecureGate installs on your server and sits in front of your existing apps — no code changes needed.
Deploy the SecureGate engine on any Ubuntu server via a single install script.
Point your domain at the server. SSL is provisioned automatically via Let's Encrypt.
Paste your Azure App Registration credentials. Choose which security group gets access.
All traffic is now gated behind Microsoft 365 login with WAF and rate limiting active.
Comparison
Third-party proxies see your decrypted traffic, charge per seat, and store your logs off-site. SecureGate keeps everything under your control.
| Feature | SecureGate | Third-Party Proxy Services |
|---|---|---|
| Azure AD group-based access | ✓ | ✓ |
| Traffic stays on your server | ✓ | ✗ |
| Per-user licensing cost | $0 | $$$ |
| GDPR / on-premise log storage | ✓ | Limited |
| Custom WAF rules per app | ✓ | Paid tiers only |
| GeoIP blocking per domain | ✓ | ✓ |
| No third party sees traffic | ✓ | ✗ |
Log in to your dashboard to manage domains, view audit logs and configure access policies.
Go to Dashboard →