Sucuri CloudProxy Website Firewall Improvements

If you are are a regular reader of our blog, you probably know about our CloudProxy Website Firewall which launched publicly almost a year ago. Since then, our team has been extremely focused on improving it everyday. If you are not familiar with CloudProxy, I highly recommend reading some of the documentation and benefits of it:

In fact, if you have a website, why not try it out?

What is CloudProxy

CloudProxy is a Cloud-based website firewall with a simple goal: To protect any website from being attacked or compromised. We do that by sitting in the middle between the Internet and your hosting company (origin server), filtering and blocking any malicious requests before they reach the site.

We do not even like to use the term “WAF”, since we focus on threats specific to the website we’re protecting. We also mix in a powerful Intrusion Detection System (IDS), and a log correlation engine to aid the firewall in blocking all malicious attacks.

Latest Updates

After all that, let’s get to the point of this post. We have done so many updates lately, that I will try to summarize them all here.

1 – Support for CDNs

We are focused on security and as a byproduct, you get the caching and performance benefits of our firewall (most clients see big performance improvements by using us). However, we are not a CDN. But we do work well with any type of CDN.

If you use Akamai, CloudFlare, MaxCDN or any other CDN service, CloudProxy can work with your site and still protect you.

This is easily done by adding CloudProxy in between your CDN and your hosting provider, and by marking your site as “behind a CDN” on our configuration panel:

Behind CDN

Behind CDN

Once that’s done, just edit the “Origin” IP address on your CDN to be our CloudProxy IP address, and you are all set. This documentation explains how to configure it with CloudFlare.

2 – Clean Report Pages

Even though we have always had a full audit trail and logging in CloudProxy, we never had a nice and clean report page, at least until now. Just last week we released a new reporting page, allowing you to see trends, and to analyize deep down into your site’s data. This is just a peek at what it looks like:

CloudProxy Reporting

3 – New locations

If you asked us for new CloudProxy hops in your geographical area, we heard you :)

We added new locations (including USA, Canada, Japan, Australia, UK and Brazil) and now you can choose where you want your traffic to be:

If you are in Europe, the UK location is likely your fastest option. Or, if you are in Asia, you can try either Japan or Australia. Lastly, you can just choose the default location and let us try to find the best/shortest path available.

4 – Rewritten Backend, Better Performance, Improved Detection and Cleaner Experience

Above are just some of the visual things we added, but we also re-wrote the backend to be a lot more powerful, and to improve our detection while minimizing false positives.

  • We added hundreds of new virtual patching/hardening signatures.
  • We greatly improved our SQL injection detection.
  • Our correlation engine is now blocking and detecting brute force attacks, and DDOS better than ever.
  • And the whole experience has been re-designed while performance was greatly improved.

It looks like a sales pitch, but we are just proud of all the work our team has been putting on it lately.

Let us know if you have any questions or wish to share your experiences with CloudProxy. If you’re not using CloudProxy yet, we recommend you get our website firewall today.


Tags: , , ,

No comments yet.

Leave a Reply