Web Applications Firewall (WAF)
for WordPress
Fully Managed Web Application Firewall (WAF) for WordPress Websites
Fully Managed WAF
Our web application firewall solution for WordPress is fully managed and maintained on your behalf. The firewall service provides virtual patching and hardening for your site and with in-built DDoS attack mitigation and brute force attack protection.
Malware and Hack Protection
We provide a multi-layer firewall for bad bot and hack protection. Our systems detect a malicious bot or hacker tool attempting an attack, they are blocked automatically. Nuisance Bots that do not adhere to robot rules can be blocked to prevent CPU and Bandwidth resource wastage.
Protect Your Site from Hacks
Protect your site from attacks and hacks. Our Web Application Firewall (WAF) provides the first line of defence from bad actors including automated Bots that are probing your website for information and known vulnerabilities. The Web Application Cloud Entry/Firewall provides protection through Intrusion Prevention System (IPS). Our WordPress WAF is an external service that sits in front of your site and your sites performance will be improved by eliminating undesired bad traffic from ever reaching your web server.
How our WAF Protects Your Website from Hacks
WordPress Application Profiling
WordPress sites have a profile reflecting CMS, server software and technologies reflecting the website’s stack. Traffic is analysed to block requests that don’t fit your WordPress application’s profile.
Virtual Patching & Hardening
On average 200+ updates are required to keep the WordPress core, theme and plugins patched and up to date in a year. If a security patch becomes available and you haven’t updated your site, it becomes and easy target for hackers. Virtual Patching provides defence against known WordPress vulnerabilities.
Traffic Inspection & Signature Detection
All web traffic (HTTP/HTTPS) is inspected before reaching your server. With heuristic and fully managed signature-based inspection, malicious requests and and attack profiles are detected and blocked.
Machine Learning
Our WAF solutions are powered by Sucuri and their Machine Learning that correlates attack data from their entire network to better understand malicious behaviour and keep your site secure.
Protecting Sensitive Pages
Protected Pages Feature and Endpoint Blocklisting provide additional layer of protection to sensitive/high risk endpoints in your website. The XMLRPC and wp-login.php endpoints are popular attack vectors in WordPress. Additional Passwords, Â CAPTCHA, 2FA, or IP allowlisting can be applied to sensitive pages or endpoints can be fully blocked using blocklists.
IP Allowlists
Allowlisted IP addresses ensure only your team can access administrative areas of your website from established/known locations. Restrict your admin panels so malicious users don’t gain access.
Geo Blocking & Geo Routing
Websites may wish to route or restrict access for security, compliance or performance reasons. Geo blocking allows restriction of access by country. Geo Routing allows transparent routing of traffic by continent to different server nodes.
Bad Bot Blocking
When our systems detect a malicious bot or hacker tool trying to attack your site, it is blocked automatically. We protect your site from vulnerability exploitation attempts.
Frequently Asked Questions
Yes, as a fully managed WAF solution we create and install SSL certificates (HTTPS) for your firewall server. Our actively monitored SSL Certificate Provisioning and Renewals, your website’s SSL Certificate will be renewed automatically. SSL Certificates are applied to both the Web Application Firewall and all website Active and Standby nodes.
SSL Certificate and automatic SSL Certificate renewals are FREE for all firewall plans and hosting & maintenance plans that include a WAF.
Yes, all of our Firewall plans allow for uploading of custom SSL Certificates. Please contact our support team to organise the installation of a custom SSL certificate.
