Security Options

To help fit your site’s needs, CloudProxy offers you many security options. All of them can be found under “Security” in your CloudProxy settings page.
Security Options
Security level

There are two security settings: High and Paranoid. In the “High” mode, it will enable all default security checks. It will also enable Virtual patching so if you are ever using an outdated software, it can’t be used to hack your site. Paranoid mode, includes all the security options from the “High” mode, but also puts the site into lock down mode, preventing any POST requests.

Admin panel restricted to only Whitelisted IP addresses

Most popular content management systems have an administrative panel. Example:/wp-admin on WordPress or /administrator on Joomla. If you set it to On, only whitelisted IP addresses will be able to access those directories. If you have a membership site and you allow anyone to create an account and login there, do not enable this option.

Additional Security Headers added to your site.

This option will add some recommended security headers to your site in order to protect you against some forms of XSS and clickjacking attacks. If you allow other sites to ‘iframe’ your content, do not enable this option. The following headers will be added: X-XSS-Protection, X-Frame-Options

XMLRPC, Comments and Trackbacks blocked.

If your site does not allow comments (or trackbacks/pingbacks), or if you use an external commenting system (like Disqus or Facebook comments), you can block any comment attempt, since it is likely to be spam.

Stop unfiltered HTML from being sent to your site.

This option prevents users from inserting or sending unfiltered HTML content to your site. It will block things like iframes and script calls from being used. If you have a forum or membership site and you allow your users to send messages and post open content, do not enable this option. Note that whitelisted IP addresses are not affected by this setting.

Stop upload of PHP or executable content.

This option will prevent anyone from uploading PHP, Perl or executable content to your site. We recommend enabling this option unless you do allow users to do uploads. Note that whitelisted IP addresses are still allowed to do uploads.

Enable Emergency DDOS protection.

The HTTP flood protection will prevent anyone from using a browser without JavaScript enabled from visiting the site (except major search engines), very useful when the site is under DDOS. You can turn off this option once things normalize.Note that this option may prevent legitimate visitors from accessing your website, and should only be applied only when your website unavailable due to Distributed Denial of Service (DDoS) attacks.

Block proxies and the top three attack countries (China, Russia and Turkey).

Enabling this option will prevent anyone from China, Russia or Turkey from interacting with your site. They are still able to view all content, but not register an account, submit comments or attempt to login (basically lock to read-only mode). The same restriction applies to users using anonymous proxy services to hide their IP addresses.

Geo Blocking

This option allows you to block access to your site from the countries selected. Theviewing list is used to prevent anyone from that country from visiting (browsing) the site. The other option, posting, allows them to view the content in read-only mode but they won’t be able to login, register, buy or send any comments.

Enable advanced evasion detection.

This option will enable advanced evasion detection signatures. We recommend keeping it on, but if your site support URL’s on non-ascii characters (like Japanese, Indian, Russian, etc), you may need to disable it.

Advanced Intrusion Detection System

This option enables advanced IDS (Intrusion Detection System) rules that run in the backend and try to block repeated attackers. We recommend to keep this option enabled, unless recommended by our support team.

Aggressive bot filter

This setting will block invalid user agents that do not match real browsers like empty user agents, user agents that start with PHP/, and improper user agents from common browsers.

in ConfigurationSucuri CloudProxy

0

0

Related Articles

Leave a Reply