CloudProxy is a Web Application Firewall (WAF) Intrusion Detection System (IDS) for websites. In short, it’s a cloud-based protective perimeter that any website owner can configure to repel hackers from exploiting the various website vulnerabilities. The technology is platform agnostic, it will support any type of web site platform (i.e., WordPress, Joomla, vBulletin, Magento, custom HTML, etc) and will work with any web server technology (i.e., Apache, Ruby, IIS, etc.. ). It uses a proprietary approach to application profiling, malicious URL filtering, and anomaly detection on all traffic. All logs are maintained within the Sucuri infrastructure and monitored by our security operations team.
When you sign up to CloudProxy, your web site will be treated like if it was our own. Our SOC (Security Operations Center) team will look over the logs and activity and try to identify any security issue or pattern that needs to be blocked or white listed. So your site will benefit from the intelligence we are gathering from all the activity we see across all our clients.
In addition to the WAF, all the traffic to your site will pass through our Intrusion Prevention and detection systems. They will correlate all the requests and try to find patterns of attacks that could be missed by just the WAF.
Ever worried that your site or a plugin, extension or theme has a software vulnerability that you're not aware of? Now with CloudProxy you don't have to worry about this. Can't upgrade your site? CloudProxy will virtual patch/update it for you making sure that those vulnerabilities can't be used against you.
The URL filtering function is similar in the way it works to a number of other firewalls, but is unique in it’s approach to it’s preventive layer. It uses a combination of whitelist and blacklist approaches, and introduces a concept of application profiling, unlike any other product currently on the market. As to be expected, the preventive layer protects against:
- Cross Site Request Forgery (CSRF)
- Cross Site Scripting (XSS)
- Remote File Inclusions (RFI)
- SQL Injection (SQLi)
- Local File Inclusions (LFI)
- Malicious post requests
- Malformed cookie requests
- Malformed headers
- Layer-7/HTTP Denial of service attacks
- Malicious or Improperly used bots
- And other similar attacks…