Website attacks are continuously evolving, software vulnerabilities are too numerous, you need a way to stop the attack before they hit your website.
Being able to detect and remediate is but one facet of a very complex website security world. Over the years we have been studying attacks, from their inception to their distribution points. In that process we have learned a good deal in the way website attacks happen. We have used that insight to build our latest product – CloudProxy.
Unlike our other products, CloudProxy has one objective, stop attackers from getting into your website at all. At the end of the day, that’s what all website owners really want. They don’t care about the details, they just want to continue to operate their business and continue to provide information to their various followers via their website. That is exactly what we aim to fix with this product, our goal is to provide you the ease of mind you require in this highly volatile website security domain.
Web Application Firewall (WAF) Intrusion Detection System (IDS) For Websites
The CloudProxy is a Web Application Firewall (WAF) Intrusion Detection System (IDS) for websites. In short, it’s a cloud-based protective perimeter that any website owner can configure to repel hackers from exploiting the various website vulnerabilities. The technology is platform agnostic, it will support any type of web site platform (i.e., WordPress, Joomla, vBulletin, Magento, custom HTML, etc) and will work with any web server technology (i.e., Apache, Ruby, IIS, etc.. ).
It uses a proprietary approach to application profiling, malicious URL filtering, and anomaly detection on all traffic. All logs are maintained within the Sucuri infrastructure and monitored by our security operations team.
Existing clients have the option to sign up to it here: here.
New clients can sign up here:
The proxy is compromised of three elements:
The URL filtering function is similar in the way it works to a number of other firewalls, but is unique in it’s approach to it’s preventive layer. It uses a combination of whitelist and blacklist approaches, and introduces a concept of application profiling, unlike any other product currently on the market. As to be expected, the preventive layer protects against:
- Cross Site Request Forgery (CSRF)
- Cross Site Scripting (XSS)
- Remote File Inclusions (RFI)
- SQL Injection (SQLi)
- Local File Inclusions (LFI)
- Malicious post requests
- Malformed cookie requests
- Malformed headers
- Layer-7/HTTP Denial of service attacks
- Malicious or Improperly used bots
- And other similar attacks…
The main issue with hardening is that not everyone is technical enough to follow or understand the guidance. Especially when they see long posts like this one: WordPress Security – Cutting Through The BS or WordPress and Server Hardening – Taking Security to Another Level. The reality is that every one of the configuration changes is one potential new headache for the website owner. What works for one, doesn’t work for the other. Perhaps a host doesn’t allow a specific directive or disables specific functions. With CoudProxy, a user no longer needs to worry about making server level changes to harden their website, all changes are performed at the proxy level before any traffic touches your web server.
Virtual patching affords websites that are outdated (or with known vulnerabilities) to be protected from attacks by preventing exploitation of these vulnerabilities on the fly. This is usually done by either a firewall or intrusion detection system.
The term virtual patching was originally coined by Intrusion Prevention System (IPS) vendors a number of years ago. It is not a web application specific term, and may be applied to other protocols however currently it is more generally used as a term for Web Application Firewalls (WAF). It has been known by many different names including both External Patching and Just-in-time Patching. Whatever term you choose to use is irrelevant. What is important is that you understand exactly what a virtual patch is:
A security policy enforcement layer which prevents the exploitation of a known vulnerability.
The virtual patch works since the security enforcement layer analyzes transactions and intercepts attacks in transit, so malicious traffic never reaches the web application. The resulting impact of virtual patch is that, while the actual source code of the application itself has not been modified, the exploitation attempt does not succeed.
Access Control Mechanism
Second only to software vulnerabilities, Access is often the biggest vulnerability to everyday website owners. Attackers have learned to expedite their attacks by bypassing more complex software exploits and depending strictly on the weaknesses of everyday website owners. Things like poor passwords, open access to the world, etc.. often lead to a yellow brick road that everyday attacker can follow to easily gain access where they shouldn’t. To address this, we have built an access control mechanism to stop this vector dead in its tracks.
This mechanism empowers you, the website owner, with the ability to control who can access your website by implementing a whitelisting engine that allows you to define who can and can’t access your website administrator panels.
WordPress Sucuri Premium Plugin
We also offer a WordPress Plugin to all our customer at no extra charge.
- Integrity Monitoring. Receive notifications if any of your files are modified.
- Audit Logs. Keep track of everything that happens inside WordPress, including new users, posts, login failures and successful logins.
- Activity Reporting
- 1-click Hardening. Easy-to-use hardening options for your site.