Website firewall & protection

Stop attacks, malware and hackers before they hit your website

What is a website firewall?

Protects your website from hackers, attacks and DDoS

Our website firewall is a web application firewall (WAF) and intrusion prevention System (IPS) for websites. In short, it protects your web site from attacks, malware and the dangers of getting blacklisted. It also supports any type of platform, from WordPress, Joomla, vBulletin to Magento, and even custom designs.

It uses a proprietary approach to application profiling, malicious URL filtering, and anomaly detection on all traffic. All logs are maintained within our infrastructure and monitored by our security operations team.

How does it work?

Glossary of terms

Ever worried that your site or a plugin, extension or theme has a software vulnerability that you’re not aware of? Now with you don’t have to worry about this. Can’t upgrade your site? Our website firewall service will virtual patch/update it for you making sure that those vulnerabilities can’t be used against you.

In addition to the WAF, all the traffic to your site will pass through our intrusion prevention and detection systems. They will correlate all the requests and try to find patterns of attacks that could be missed by just the WAF.

When you sign up to our website firewall service, your web site will be treated like if it was our own. Our SOC (Security Operations Center) team will look over the logs and activity and try to identify any security issue or pattern that needs to be blocked or white listed. So your site will benefit from the intelligence we are gathering from all the activity we see across all our clients.

The URL filtering function is similar in the way it works to a number of other firewalls, but is unique in it’s approach to it’s preventive layer. It uses a combination of whitelist and blacklist approaches, and introduces a concept of application profiling, unlike any other product currently on the market. As to be expected, the preventive layer protects against:

  • Cross Site Request Forgery (CSRF)
  • Cross Site Scripting (XSS)
  • Remote File Inclusions (RFI)
  • SQL Injection (SQLi)
  • Local File Inclusions (LFI)
  • Malicious post requests
  • Malformed cookie requests
  • Malformed headers
  • Layer-7/HTTP Denial of service attacks
  • Malicious or Improperly used bots
  • And other similar attacks