The easiest way to protect your site and be confident about your security is by using a web application firewall (WAF).
A website firewall protects websites from malicious traffic before it even reaches your website.
We use Sucuri and still recommend it as one of the best web application firewalls.
For more information:
The firewall also has a built in CDN which is always active when enabled, so having another CDN enabled at the same time is redundant and can cause configuration issues.
You can read more about the Sucuri CDN here:
https://docs.sucuri.net/website-firewall/website-firewall/sucuri-cdn
One great feature of the Sucuri Firewall is its caching. Learn about the caching options that Sucuri provides:
https://docs.sucuri.net/website-firewall/performance/caching-options
With Sucuri, it’s highly recommended to implement bypass prevention to further protect your site from malicious requests and attacks! Implementing firewall bypass prevention will prevent requests from bypassing the firewall hardening and will force all requests to filter through the firewall.
To put this in perspective, you can run the following curl request bypassing the firewall and directly hitting your hosting server if bypass prevention has not been implemented.
curl -ILH “host: yourdomain.com” http://ip
Once bypass prevention has been implemented, requests bypassing the firewall will be prompted with a 403 Forbidden error instead of a 200 OK response.
You can obtain the bypass prevention rules on the configuration page for your specific web server.
You can read more about this feature in the following knowledge base article:
https://docs.sucuri.net/website-firewall/configuration/prevent-sucuri-firewall-bypass
Benefits of having a firewall on your website:
-Improve speed with caching and content delivery network (CDN)
-Mitigate Distributed Denial-of-Service (DDoS) attacks
-Prevent hacks and vulnerability exploit attempts
-Protect against the OWASP Top 10 (and more)
-Stop brute force attempts against your website login pages
-Leverage geographic load balancing and reliable uptime
For more information:
https://www.godaddy.com/help/set-up-my-web-application-firewall-waf-and-cdn-26813
No matter what security tools you use, the risk of being hacked is never going to be zero. Sucuri’s remote disaster recovery solution is currently available to website owners using the Sucuri platform.
For more information:
https://sucuri.net/website-backups/
You will need to allow up to 24 hours for the DNS changes to propagate fully after enabling the firewall by changing the DNS A record of your domain to point to the assigned firewall IP.
You can check on the progress of the DNS changes here:
You can verify the SSL certificate on your web server to make sure it is correctly installed
https://www.sslshopper.com/ssl-checker.html
https://www.whynopadlock.com
Sucuri provides several different website monitoring types to make the most of your website protection
– Security checks
– SSL Monitoring
– DNS Monitoring
– Blocklist Monitoring
– Uptime Monitoring
For more information on website monitors:
https://www.godaddy.com/help/configure-my-website-monitoring-27379