Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending spikes of fake traffic to your website. It is also notoriously difficult to conduct forensics on a DDoS attack, making the source of the attack a mystery. DDoS attacks […]
Tag Archives: website firewall
What is PCI Compliance?
Sucuri aims at keeping the internet safe. That is why we are so keen on informing our customers of potential threats. We have posted many articles regarding ecommerce security breaches that steal credit card information, as well as the risks for ecommerce site owners. There can be many dangers when purchasing through a website, and with […]
What is Virtual Hardening?
If you want to make your website security more robust, you need to think about hardening. To harden your website means to add different layers of protection to reduce the potential attack surface. Hardening often involves manual measures of adding code or making changes to the configuration. To virtually harden your site involves allowing a […]
What is a WAF?
Have you ever wondered what WAF means? WAF stands for Website Application Firewall. In order to make it simple to understand, imagine your website as a house and the people outside on the streets are the traffic that wants to come to your website. Of course, you want to open your door to friends and […]
New Guide on How to Implement HTTPS / SSL Certificate
HTTPS is a hot topic among online marketers and SEO professionals who understand the future of the web needs to be more secure. Not just for the good of the internet, but to increase visibility and lower the chances of being penalized. Search engines and web traffic authorities are ramping up efforts to encourage website […]
Unwanted “Shorte St” Ads in Unpatched Newspaper Theme
Unwanted ads are one of the most common problems that site owners ask us to solve. Recently, we’ve noticed quite a few requests to remove intrusive “shorte st” ads that they never installed on their sites themselves. My colleague Denis Sinegubko of UnmaskParasites helped to investigate this case. Shorte[.]st is a service that hijacks links, […]
Website Availability and Security When Migrating Hosts
Website security is a continuous process. It’s not something that should be turned on when the time is right; rather integrated into the full scope of how you deploy a website, maintain it, and ensure the safety of your visitors. At Sucuri, we protect websites with a wide range of website configurations, including business owners […]
How to Use Splunk with Sucuri Audit Trails
The Sucuri Firewall dashboard provides a rich set of API functions that can be used to control your firewall settings remotely. In addition, there is an API function to download your Audit Trails in JSON format. The audit trail is a list of blocked requests that the firewall performed on your behalf to keep your […]
Ask Sucuri: Common WAF Questions and Concerns
There is no more frustrating experience than knowing you need something, but not knowing which questions to ask. This resonates with website owners when they are told they need to add (yet another) security solution to their tech stack – and it’s called a Website Application Firewall (WAF). I spoke earlier this month about the […]
Website Application Firewalls (WAF) – Practical Approach to Website Security
In 2016, I shared some thoughts about firewalls in general; their history and purpose in the information security domain. The point of the article was to help website owners differentiate between the types of firewalls they might encounter. Today, I will shift my focus specifically to website application firewalls (WAF). WAFs are not new, but […]