Follow for free plugins, new theme releases and theme news
Plugin Description
Sucuri Inc is a globally recognized authority in all matters related to
website security, with specialization in WordPress Security.
The Sucuri Security Website Firewall(CloudProxy) product is a Cloud-based
Website Application firewall (WAF) and Intrusion Prevention System (IPS)
providing everyday website owners Enterprise class security at an affordable
cost. This security plugin extends the management of the Website Firewall,
making it available to you in your WordPress dashboard. All security features
are not available in this plugin and for a complete list of the security
feature, and its management, visist your Sucuri Security Dashoard.
This security plugin performs it’s security hardening remotely via a service
so it does not contain any additional hardening, it employs a number of
features like virtual hardneing and patching that provide all the security
hardening your website requires. Additionally, the security hardening is
performed off your web server, alleviating the load that attacks place on your
existing webserver resources. This service only available via a paid
subscription of the Sucuri Website Firewall product.
The Sucuri Website Firewall (CloudProxy) product offers you enterprise class perimeter security
for your website, addressing some of the biggest issues WordPress websites face in regards to security.
This WordPress Security plugin can be used in conjunction with other plugins.
It does not replace the Sucuri Security – Auditing, Malware Scanner and
Hardening plugin. The features
found in this plugin have been integrated into that plugin, installing it will
remove this plugin and wrap everything into one toolset.
Some of the security issues this product protects your website includes:
- Security Filtering of all traffic – blocking all security related issues before it hits your website / web server
- Apply Security Patches Virtually
- Virtual Security Hardening
- Block of Cross Site Scripting (XSS) attacks
- Block of SQL Injection (SLQi) attacks
- Block of Remote / Local File Inclusion (RFI/LFI) attacks
- Block of Remote Code Execution (RCE) attacks
- Advanced Security Access Control Features (i.e., IP whitelisting, 2FA, etc..)
- Performance Optimization
- Fully Managed Security Protection for Your Website
A few features of the Sucuri Security Website Firewall product deserve special
attention for the added value website owners get. They include:
Denial of Service (DDOS) Security Mitigation
Denial of Service (DoS/DDoS) attacks are not new, but are growing in popularity.
The introduction of new booster services, that allow any online users
to pay someone else to attack someone elses website, have created an influx of
DoS attacks. They range in scale and impact, but often the impact of such an
attack is simple – to bring your website down. Kill it’s availability and make
sure that your visitors are unable to access the website.
This is especially true if you are leveraging shared server space, this often
means the resources allocated to your one website are marginal and any influx
in traffic could completely disable your websites performance. If the problem
persits, you run the risk of getting kicked off your hosts environment.
Brute Force Protection
This is a serious issue in WordPress security. There was a time where many
perceived this to be an impossibility due to challenges in networks, that is
no longer the case. Technology has made it so that the latency that was once
introduced via networks is no longer the bottlekneck.
Brute Force attacks are a security threat that every website owner must be
mindful of. It’s an act in which the attacker attempts to continously
penetrate your environment, using a variety of attempts with varying username
/ password combination in an effort to gain entry. With the hopes that they
will get lucky. This can be achieved with other security plugins, but
attackers continue to develop evasive techniques to bypass security plugins
that live an operate at the application layer of your website.
This security protection takes place at the edge, offloading the attack from
your web server and providing you optimal website security.
Vulnerability Security Exploitation Prevention
This is one of the neatest features our product has to offer. Our research
into vulnerabilities has led to some of the largest security disclosures in
2014 pertaining to software security vulnerabilities. This has affected some
of the largest brands to inlcude the MailPoet Newsletter plugin, All-in-One
SEO plugin, RevSlider plugin, and many more.
Vulnerabilty exploitation is a big issue today for website owners leveraging
the WordPress platform. It is easy to install WordPress, even easier to find a
plugin that performs a specific function, but often the last thought a website
owner has is around the security of the code they are putting into their
website. It’s also impossible for the website owner to know whether the code
is good or bad, or what to do if it’s bad but still offers the feature they
are interested in.
Being able to stop attackers from exploiting these security weaknesses is
imperative for website owners.
Malware Prevention
A malware issue is a security event in which Malicious Software (Malware) has
been injected into your website. It often comes in the form of a
drive-by-download or something equivalent in which your website is used as a
spring board to attack your visitors. Imageine for a moment that someone
visiting your website, trusts that your security is top-notch, and gets their
local machine hacked.
The attacker then proceeds to steal all their credentials (i.e., emails,
social media account, financial institutions). This user has now lost their
life savings and is unable to pay their bills while the matter gets resolved,
which can take months if not years.
This is the reality of the pain malware introduces.
Zero Day Immediate Response
This is a very unqiue security feature that allows our security team to
respend immediately when a new security incident is released. Zero day events
occur all the time, they are events that are released for public consumption
but have no existing solutions in place. This happens when an attacker
identifies a potentially big issue and is interested in watching it all burn.
When this happens your website is left to it’s own devices to implement a
solution that addresses the problem, if you don’t implement it in time or
adequately you run the risk of getting compromised.
With this security feature, Sucuri is able to proactively protect your website
within minutes of a security event, like a Zero Day, being released to the
world. Example of this at work include the recent Bash vulnerabilities, and
many of the software vulnerabilities mentioned above (i.e., RevSlider,
Mailpoet, etc…).
You can read more about some of the features here: Sucuri Security – Website Firewall (CloudProxy)
Update-to-date pricing and features can always be found on the Plans &
Pricing page.
Credits
Screenshots
No screenshots provided
