Protect Your Web Application with Just a Few Clicks
Today, businesses of any size need to protect their web applications against the thousands of cyber-attacks happening every second. Just one breach could reveal damaging personal identifiable information, resulting in financial and reputational repercussions for the targeted company. Luckily, the most common types of attacks are well known and documented. In fact, there is a tool made specifically for protecting web applications from threats on the public internet.
It is called a Web Application Firewall (WAF) and it protects against all the most common threats your business could face from the web at large including protection against the OWASP top 10 threats, bot mitigation, DDoS attacks, and more.
Although small businesses with an online presence face the same levels of threats as large enterprises, WAF used to be prohibitively expensive. Not only that, but they often required months to setup and then a team to monitor and tune the WAF after it was implemented. Because of these factors, many SMBs have never been able to experience the safety a WAF can provide.
At StackPath, we created a WAF that provides enterprise-grade security without the enterprise-grade barriers like price or complexity. It has been tested against the most expensive offerings in the market and held its ground.
Security does not need to be complicated to be effective
We designed our UI to be easy to use, yet fuelled by powerful analytics. Our customers enjoy the autonomy of effortlessly managing their own WAFs with just a few clicks – no need to file a support ticket.
It is so fast and easy to set up. You can now get best-in-class OWASP Top 10, bot mitigation, rate limiting, DDoS mitigation and API (application programming interfaces) protection for your site in less than 30 minutes.
Here is how:
1. Enable WAF
No SP// account? Start here:
- Visit stackpath.com/register and enter your information to create your account
- Follow this article with video tutorials to select which services you would like to use
Along with WAF, we offer CDN (Content Delivery Network), edge compute, and DNS services as part of our overall edge platform. The linked article above will take you through creating a site, creating a DNS zone, inviting users, and even creating an API key if you need one.
If you’re a current customer and do not have WAF enabled, navigate to the WAF tab within your site and enable. The WAF is deployed with default settings which are what our security experts have determined to be the most common defenses.
2. Enhance your WAF settings
To enhance your security posture, we recommend following along with this article which explains how to:
- Obtain or upgrade WAF on your sites
- Enable monitor mode to see how your traffic behaves
- View the results from monitor mode
- Test WAF configurations in monitor mode
- Update WAF to allow administrators, good bots, and CMSs to pass through
- Configure the API
- Edit DNS records
- And finally, put the WAF into “Protect” mode
Here’s what you’ll achieve in minutes
After completing the steps in the two articles above, you will have an enterprise grade web application firewall protecting your website. It is robust enough for teams to pull insights from, yet nimble enough one person can manage it. This can even help online retailers achieve certain compliances such as PCI 6.6 and others.