The Sucuri Firewall is an innovative cloud-based Website Application Firewall (WAF) and Intrusion Prevention System (IPS) for protecting websites. It functions as a reverse proxy by intercepting and inspecting all incoming HTTP/HTTPS requests to your website and stripping them of any malicious requests before the they arrive safely at your server. The Sucuri Firewall includes automatic virtual patching and hardening engines that offer real-time mitigation of threats, with no impact to the website.
Distributed Denial of Service (DDoS) Protection
Sucuri’s approach to mitigating network-based attacks includes investing in resources across all Points of Presence (PoP). The globally-distributed Anycast network enables efficient distribution of traffic. It explicitly blocks all non-HTTP/HTTPS-based traffic, with a current network capacity in excess of 250 GB/s. Each PoP has multiple 10G and 40G ports from different providers, designed to scale and absorb very large attacks.
Brute Force Prevention
Hackers and brute force attacks are blocked from your login pages, protecting your user and admin passwords. The Sucuri Firewall also offers IP whitelisting to stop unauthorized access to your CMS administrator area, with automatic integration for popular platforms like WordPress. You can also set your own custom Protected Pages to add security controls such as 2FA, CAPTCHA, IP, and password protection.
Stop Website Attacks and Hacks
The biggest contributing factor to website hacks comes from insecure code. Attackers are always looking for new weaknesses to exploit. The Sucuri Firewall protects vulnerable websites by identifying and removing malicious requests and hack attempts. Our constant research allows the Sucuri Firewall to thwart emerging exploits.
Malware Prevention
No one wants to know that their website is being used to infect online visitors. Ransomware and viruses are often spread through hacked websites. Prevent malicious drive-by-downloads from harming your visitors or compromising their devices and and stealing sensitive credentials for their credit cards, online banking, email accounts, and social media.
Zero Day Immediate Response
Zero Day attacks signify the moment when a vulnerability is disclosed and a patch is not yet available. It's the critical moment where your website is at the greatest risk. The Sucuri Firewall will virtually patch your environment within moments of a Zero Day attack being disclosed to the public.
Simple Configuration & Platform Agnostic
The Sucuri Firewall works with any website configuration, including the most popular CMS platforms - WordPress, Magento, Joomla, Drupal, vBulletin and many others. It supports Apache, NGINX, and Windows IIS web servers. Built with the end-user in mind, deployment is quick and easy.
The Sucuri Firewall runs on a Globally Distributed Anycast Network (GDAN), built and managed by the Sucuri team. The GDAN configuration allows for high availability and redundancy in the event of any failures in the network. Sucuri currently manages six Points of Presence (PoP)
The platform is supported by the Sucuri Security Operations Center (SOC) which provides 24/7/365 monitoring and
response to all attacks. Some of the features that the protection platform offers a website owner include
The platform requires no installation or application changes. It is done via DNS by adding an A record
or switching to Sucuri nameservers.
