Manage Sucuri WAF

The Sucuri Firewall is a cloud-based WAF that stops website hacks and attacks. Our constant research improves our detection and mitigation of evolving threats, and you can add your own custom rules.

  • Instantly Block Hackers
  • DDoS Mitigation and Prevention
  • Virtual Patching and Hardening
  • Protect Brand Reputation
  • Prevent Zero-Day Exploits

In this tutorial, we’ll focus on how to manage your Sucuri WAF through Libyan Spider client area.

  • First, log in to the client area
  • Navigate Hosting & Services > My Hosting & Services
  • From service list choose “Sucuri WAF” Service

  • Choosing “Sucuri WAF” will point you to service Dashboard

  1. Sucuri Details will check if your service is activated by pointing your Domain name to Firewall IP Address as showing on the table. Notice: in order to make your firewall active you need to point your domain name to Firewall IP address
  2.  Overview showing all service details DNS records and Firewall IP to add it to you server whitelist, If you have a firewall on your hosting server (like CSF or ModSecurity), we recommend that you whitelist our IP addresses (listed below). As all connections to your hosting server will be passing through our firewall, by whitelisting our IP addresses, it will prevent us from being blocked incorrectly.
  3. If your site runs on multiple hosting servers, you can add multiple hosting IP addresses for them to be load balanced. You can also provide a failover backup IP address that will be used in case your main hosting IP addresses are not responding.
    Note: If there is one single IP address in the list and you want to change it because the system is flagging it as collision-prone, add a new address first and then delete the old one. This is necessary because the system requires at least one entry in the list in order to work.
  4. Whitelist IP address, to add IP to whitelist to override Firewall rules. This option allows you to whitelist trusted IP addresses that will not be blocked by some of our security rules. Any IP address listed here will also have access to the administration panels like “administrator” or “wp-admin” if you have it restricted to only trusted IP addresses on the security settings.
  5. Blacklist IP address This option allows you to ban an IP address from visiting your website.
  6. Whitelist URL paths, If a specific URL is being blocked by our Website Firewall, you can whitelist it. For example, if you need to use TimThumb and our hardening is preventing that, you can allow its path, (e.g. “/wp-content/themes/my_theme/timthumb.php”)
  7. Blacklist URL Paths If you have any URL that you want to block access to, you can add it here. Only whitelisted IP addresses will be allowed to visit them. This can be useful if you want to restrict access to certain pages or content.
  8. Caching Level
    By default our Website Firewall will cache certain pages of your site to improve the speed and the experience for your users. You can disable caching here if for some reason you do not want that to happen. It is not recommended, since it can slow down the user experience. If you need certain pages not to be cached, you can add them on the Non-Cache URLs.NOTE: The following file extensions are cached regardless of the caching level:
    js, css, png, jpg, swf, jpeg, svg, gif, ico, txt, mp4, mp3, pdf, woff, ttf, thumb.
  9. Clear CacheThis option can be used to clear the whole Website Firewall cache after any website changes have been made. This will reflect live as soon as you click the clear cache button, but it might take a couple of minutes depending on the size of the website and the quantity of cached objects.

    NOTE: The following file extensions are cached regardless of the cache level:
    js, css, png, jpg, swf, jpeg, svg, gif, ico, txt, mp4, mp3, pdf, woff, ttf, thumb.

  10. Clear Cache Per File If you want to clear the cache on a specific file or folder, you can do it here. This will reflect live as soon as you click the clear cache button.
  11. Enable Compression
    Compressing resources will reduce the number of bytes sent over the network and will improve performance for most web sites. It is recommended to enable it.
  12. Non-Cache URLs
    If you want to have the Website Firewall cache enabled on your site, but disable it for certain directories, you can do it here. Just specify what paths should not be cached and we will never do any caching there.
  13. Security This option will add some recommended security headers to your site in order to protect you against some forms of XSS and clickjacking attacks. If you allow other sites to “iframe” your content, do not enable this option. The following headers will be added: X-XSS-Protection, X-Frame-Options.
  14. HTTPS/SSL Support

    SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client. More specifically, SSL is a security protocol that allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely.

    Users on our professional plan and up, can use custom SSL certificates for their sites. In here, you can upload your private keys and certificates (.key and .crt files) to use wild card, EV or any custom certificate you wish you use.

    We also provide Free SSL certificates through Let’s Encrypt, but they may take a few hours to be generated and require your domain to be activated on our end first.

  15. Email Reports send reports to a specified Email address.
  16. Audit Trails will show all logs
  17. 7 Request Cancellation, to cancel the service.

  • Was this Helpful ?
  • Yes   No
in Client AreaHosting

Leave a comment

Required fields are marked