What is cPGuard WAF?
The cPGuard WAF module is an important part of cPGuard security suite to protect your websites from malicious traffic and attacks. It is powered by Malware.Expert commercial ModSec rules and are loaded with a wide variety of protection levels. With cPGuard, you can implement the WAF rules quite easily and flexibly and enforce maximum website protection based on your preference. We have rules to protect major attack like the following which is well explained in the following sections
- WordPress/Joomla and other CMS brute-force attacks
- Crawler bots and exploit/vulnerability scanner prevention
- Generic attacks like XSS, SQL injection, WP abuses, etc
- Block malicious files upload via web
- Zero-day exploits blocking
What are the important modules of cPGuard WAF?
The cPGuard WAF consists of various types of rules and each can stop different types of attacks. The major advantage in enabling the WAF with cPGuard is, you can select the set of rules that you wish to enable for your websites. So unlike the competing WAF solutions, our rules are quite wisely separated and let the customers to choose the protection level.
- RBL Protection:- This provides the advanced DDoS protection for POST attacks [ brute-force, script exploits ] and blocks common abusive IP addresses collected through our network of servers with cPGuard installed. We recommend turning this ON if you are getting too many POST attacks as it can help to block many attacks before reaching your application and helps to reduce server load.
- Captcha Protection :- Recommended This ruleset will enforce all users to verify not as bot before accessing the CMS [ like WordPress, Joomla, etc ] login pages or submitting the login credentials. Once they are identified as a real user, they will be able to login to their website. This can greatly reduce the load due to brute-force attacks. You can also define the set of URIs that you wish to protect using the captcha system, which makes the protection more powerful and flexible.
- WEBSHELL protection:- If you enable this ruleset, your server will be protected from the execution of PHP shells like following
- Phoenix WebShell
Frontpage may open in web shells, but command execution [ like a copy, delete, move, etc ] is blocked. You can enable this rules set if you control all the web apps on your server.
- SCANNER protection:- Recommended This will help to keep away bad crawlers from your system. This is a major headache for web hosts and causes unnecessary use of system resources. It can block
- Bad User-Agents
- Bad search engine crawlers (Cause High loads)
In addition to the above rules set, the WAF consists of rules to stop brute-force attacks and to enable web-based files scanning.
Why cPGuard WAF is better than the competing WAF solutions?
Our WAF is top-notch to block major automated attacks with less server load compared to the competing WAF solutions. In addition, we cause very minimal or zero false positives in most cases with an option to whitelist rules if they find any isolated issues with any rules.
In general, cPGuard WAF outperform all other competing WAF solutions based on the following points
- We have very minimal but generic WAF rules. That helps to offer a wide range of protection with very little server load
- Rules are generic and thus can block the same types of attacks with different vectors
- We carefully watch the latest exploits and release rules to protect them
- We have explicit generic rules to protect common CMS systems
- Our Captcha protection system is one of the best which can stop all brute-force and bot attacks towards your CMSes
- Cloud-based central system to analyze the latest web threats and to block them
- The WAF module is clubbed with IPDB Firewall in the core which will eventually help to stop attacks in the system firewall even before it reaches the application server
Have more questions?
In case you are misleaded by some marketing emails about our software and WAF module and would like to know more, please feel free to reach us. Our team is always happy to answer your questions and explain about the cPGuard software