Question: How should a website owner differentiate between Firewalls? What do they do? The term “firewall” is not new. It is common terminology in the world of technology and security, and possibly common enough that even non-technical people have a basic understanding of what a firewall is. Its meaning actually extends beyond security. The brick walls thatRead […]
Tag Archives: cloudproxy
Anatomy of 2,000 Compromised Web Servers used in DDoS Attack
One of our clients was being attacked by a layer-7 DDoS attack for more than a week. The attack was generating around 5,000 HTTP requests per second, which took his site and server down. It also caused his hosting company to suspend his server for “ToS violation”. Yes, some hosting companies consider a ToS violation […]
Quick Analysis of a DDoS Attack Using SSDP
Last week, one of our many clients came under an interesting attack. Enough that it was flagged for human intervention. The interesting aspect of the case was that it was a multi-faceted DDoS attack. The first issue we noticed was a Layer 7 – HTTP Flood (DDoS) Attack attack generating thousands of HTTP requests per […]
Simplifying the language of website security
A couple of weeks ago, the Sucuri team was at HostingCon. We rubbed elbows with the people who bring your websites to the world and spoke at length with them about the importance of website security. However, the most interesting conversation we had over the whole week was with a small business owner on vacation […]
CloudProxy + SPDY = A Faster Website
Our CloudProxy Firewall already protects and speeds load times for 1,000′s of websites. Now, it’ll be even faster. We’re happy to announce that we just added support for SPDY (pronounced speedy) across all of our plans and servers. Any website being protected by our CloudProxy firewall can enable SPDY support with just one click: If […]
Website Firewall Update – Introducing 2FA and More
Today, we are launching the new and improved Protected Page capability in our Website Firewall, CloudProxy. It allows for a simple (1-click) activation of secondary authentication methods on any page of your site. It means you can easily add the following to any page on your website: A custom password verification Two Factor authentication (2FA) […]
Sucuri CloudProxy – Website Firewall Enhancements
When LA’s DA says that, “73% of our local businesses appear to have been hacked,” it begins to illustrate the importance website protection will play in the future of business, which is why we’ve placed so much emphasis on website protection on this blog over the last few months. Protection is no longer a, “nice […]
Desktop AVs and Website Security
Brian Dye tells the Wall Street Journal that antivirus tools like his company’s Norton suite are effectively “dead” because they catch less than half of all attacks, but from where we sit, that’s really just half the story. Does Brian mean that antivirus defenses–also know as “AV”– are useless? Probably not. Just like you should […]
Case Study: Analyzing the Origins of a DDoS Attack
Recently a client was experiencing a massive layer 7 DDOS attack, generating tens of thousands of random HTTP requests per second to the server. The architecture of the website included a cluster of three web servers responsible for handling all incoming traffic, which did little to alleviate the pressures brought about the attack. An interesting […]
Patching The Heartbleed OpenSSL Vulnerability
Security Researchers have discovered a very serious vulnerability in the OpenSSL library that is used to power HTTPS on most websites. Many news sources are now covering the story, and we recommend reading their articles to understand the scope of what is happening and the impact of the threat: Critical crypto bug in OpenSSL opens […]