Sucuri Blog

Website Security News

CloudProxy

Sucuri CloudProxy Web Application Firewall (WAF) – Out of Beta

We are happy to announce that after more than a year in testing, Sucuri’s Cloud WAF is out of beta.

CloudProxy is currently available to Sucuri customers, so if you have an account with us, you can subscribe to CloudProxy from your dashboard.

Here is a quick testimonial:

I inherited a couple of websites that were hand coded and getting hacked on a daily bases. Hooked them up to CloudProxy last week and so far the sites have been protected and are not being hacked anymore. At this point, I’d highly recommend this service if you are running an out of date CMS or code and are getting hacked often! Great service!

Linda Kimble Long

 

If you are not familiar with CloudProxy, it is a new type of cloud-based web application firewall (WAF) that does not relies only on web-based filtering. CloudProxy mixes intrusion detection (IDS) and log-based intrusion detection (LIDS) for full coverage and protection.

Here are some of the features:

  • Traffic filtering (blocking malicious requests)
  • Virtual Hardening
  • Virtual Patching
  • WAF (Web application firewall) – To prevent SQL injections, XSS, RFI, etc)
  • IDS/IPS (Intrusion prevention system)
  • Extended access control (white listing of IPs allowed to go to the admin pages)
  • OSSEC HIDS (Full log analysis)
  • Improved performance and caching
  • Fully managed (nothing to install). You just need to switch the DNS of your site and we take care of the rest.

CloudProxy has been in development over 16 months, and currently protects thousands of websites. It’s platform agnostic, allowing it to protect your favorite website applications (e.g. WordPress, Joomla, vBulletin, Magento and many more).

For case studies, here is an example of brute force attacks that CloudProxy would have protected against. Or the latest W3TC vulnerability.

If you have any questions about Sucuri or CloudProxy, drop us an email to info@sucuri.net.

About Daniel Cid

Daniel B. Cid is Founder of Sucuri and the VP of Engineering for the GoDaddy Security Products group. He is also the founder of OSSEC and CleanBrowsing. You can find more about Daniel on his site dcid.me or on Twitter: @danielcid

Reader Interactions

Comments

  1. I asked this question about a month ago on support, and they answered with a dry “Not supported”. I’m asking here to see if I get a non-dry developer response 🙂 . If I have a web site with 2 IP addresses, let’s say 1.1.1.1 and 5.5.5.5, and I add it to Cloudproxy, would it do the load balancing and protection on both IPs? If not, is there a plan to support it in the future? Thanks in advance.

    • Daniel Cid

      Lol. Sorry about that. And yes, it is not supported right now, but in our plans to add in the near future.

      However, with our Proxy in front of your site you may not need 2 servers anymore and can likely migrate to just one. Since most of the traffic will be cached on our end.

      thanks,

  2. jsobrier

    What are the main differences with CloudFare?

    • perezbox

      It comes down to a few things.

      1 – Our focus is Security first and foremost, not optimization or performance. These are byproducts of the service though.

      2 – Our technology utilizes a different approach to a WAF, unlike the other products. It uses an application profiling, whitelisting and traditional URL blacklisting solution. It’s coupled with an IDS on the back end to further supplement it’s detection.

      3 – It’s built on our years of IDS work, our founder is also the founder of OSSEC – HIDS. And makes use of what we have learned over the past 3 years detecting malware and cleaning websites.

      Thanks

  4. Using the open beta is very stable, with only a few minor errors that manufacturers must change before official launch…