Over the past year, we noticed security becoming increasingly important for SMBs. Not only were they getting attacked more (73% experiencing cyberattacks or data breaches in the past 12 months, up from 43% in 2022), but there was also a 24% increase in detected plugin vulnerabilities.
We also found that many WordPress security plugins struggled to detect and clean certain types of threats. That’s why we felt the need to offer better out-of-the-box security to our customers.
After thorough research, we selected Imunify360 as an ideal security vendor to provide stronger, built-in security for our customers. In May, we launched the first phase with the Malware Protection add-on, featuring automated malware cleanup & real-time protection from PHP-based attacks, starting at just $4/app per month.
Introducing Our New Web Application Firewall
During the launch of the Malware Protection add-on, we promised to integrate more Imunify360 features at no extra cost for Cloudways Flexible servers.
Now, we’re excited to announce the integration of Imunify360’s server-level firewall across all Cloudways Flexible servers.
This introduces a new level of simplicity to your hosting experience, whether you’re a business owner, blogger, freelancer, or managing hosting for your business. Your websites are now protected by A comprehensive server-level firewall, which monitors and helps block malicious traffic from affecting your server resources.
Unlike most WordPress security plugins that work on the application level and thus take up site resources by scanning traffic once they hit your sites, our solution (powered by Imunify360) operates on the server level. This provides better and more efficient protection across all your websites as without compromising performance.
Key Features of the New Firewall
Following are some important features of the new firewall:
- IP & Country Blocking: Control which IPs and countries can access your site to help protect against known malicious regions and high-risk IPs.
- Automated Threat Detection: Help identify and block threats automatically, decreasing your risk of malware, data theft, and site hijacking.
- Performance Optimizations: Since the firewall operates at the server level, it uses fewer resources, helping your site remain fast and responsive.
- CMS-Based WAF Rules: CMS-specific rules help protect your site from attacks targeting vulnerabilities in your CMS, be it WordPress, Joomla, or Drupal.
- DoS Protection (SSH + HTTP): Helps shield your website and server from denial-of-service (DoS) attacks that can overwhelm your system and disrupt service.
- Weak Password Protection (HTTP): Enforces strong password requirements to help secure login pages, providing protection against dictionary-based attacks and weak password usage.
- Web Honeypot: Attracts malicious bots into traps, reducing the risk of automated attacks on your site.
- Brute-force Protection (SSH + HTTP): Prevents repeated failed login attempts to help protect against credential-guessing attacks.
- Bot Protection: Helps mitigate malicious bot traffic to improve site security and the overall user experience.
What Is a Firewall?
A firewall functions just like an airport security team. It monitors traffic coming to your website & blocks suspicious behavior, such as attempts to inject malicious code.
Firewalls distinguish between “good” and “bad” traffic using predefined rules. These rules act like airport security protocols, which restrict items like liquids, sharp objects, batteries over a certain limit, and weapons. For instance, a “good” request might be a user trying to view a blog, while a “bad” request could involve someone trying to log in multiple times and attempting to crack a password.
There are different types of rules depending on their purpose, such as:
- General Web Application Rules: These are standard rules, often defined by the OWASP (Open Worldwide Application Security Project ) , that protect against common threats such as SQL injection and cross-site scripting (XSS).
- Vulnerability Specific Rules: Custom rules that protect against specific vulnerabilities.
- CMS-specific Rules: Curated rules for your CMS (e.g. WordPress) to protect sensitive areas of your site from unauthorized access, even from undetected vulnerabilities.
Imunify360’s firewall comes pre-configured with all of these rules, including CMS-specific rules, to help protect your sites against attacks targeting specific weaknesses in your CMS.
How to Use the New Firewall Integration?
The new firewall has been activated across all Cloudways Flexible servers. Here’s how you can manage and view its performance:
Overview:
- Navigate to “Server Management” for your server.
- Under the “Security” tab, select “Overview” from the dropdown.
You will see a summary of all firewall-associated metrics as well as malware scanning & protection metrics.
Incidents:
- Navigate the “Incidents” menu to view individual blocked events.
Here, you can whitelist or blacklist IP addresses based on these events.
IP & Country Allow/Block:
- Next is the “Firewall” section, where you can view your existing custom rules and also add new rules to allow or block specific IP addresses or, where you can view your existing custom rules and countries.
Incidents by Application:
- Navigate to Application Management.
- Under Application Security, you’ll find an “Incidents” tab.
Here you can view traffic blocked for each application.
How Will This Affect Existing Security Solutions?
The first change that this integration brings is within the user experience.
Previously, the Security menu in server management had one option for whitelisting IP addresses for SSH/SFTP and MySQL access.
Now, the Security tab opens into a dropdown menu with options for Overview, Incidents, Firewall, and Access. The first three are related to firewall control and analytics, while the Access tab handles whitelisting for SSH/SFTP and MySQL.
Similarly, under Application Management, there’s now a dropdown called Application Security, where you’ll find tabs for Bot Protection, Incidents, Malware Protection, and the Vulnerability Scanner.
How Does This Affect Cloudflare Enterprise or Other CDN Solutions?
This firewall’s integration does not interfere with Cloudflare Enterprise or other CDN solutions. While CDNs offer great protection against general attacks, they do not protect your site against attacks utilizing FTP, SFTP, and other protocols. However CDN Firewalls are especially useful for defending against distributed denial-of-service (DDoS) attacks.
And this is why we always recommend using a CDN as an extra security layer as it will protect your sites from DDoS attacks, offload your server and also provide performance benefits.
Here’s how the Imunify360 WAF configuration compares with the Cloudflare Enterprise add-on:
Feature set | Cloudflare Enterprise add-on | New Web Application Firewall (Imunify360) |
Global CDN + Edge page caching & performance features | ✔ | ✖ |
Web Application Firewall | ✔ | ✔ |
DDoS Protection | ✔ | ✖ |
Bot Protection | ✔ | ✔ |
Login Protection | ✔ | ✔ |
Brute Force Protection | ✖ | ✔ |
DoS Protection | ✔ | ✔ |
Web Honeypot | ✔ | ✔ |
IP Allow/Block | ✖ | ✔ |
Country Allow/Block | ✖ | ✔ |
What Will Happen to Bot Protection?
With the new firewall effectively filtering out bots, our previous Bot Protection (Malcare) integration will be phased out. Over the next few weeks, it will be turned off in batches for all accounts and eventually removed altogether from the platform.
If you prefer, you can manually disable Bot Protection from the Application Management section. However, new and existing users will no longer have the option to enable this feature.
Here’s a brief comparison of the features previously provided by Malcare’s Bot Protection vs the free features now offered with our Imunify360 WAF.
Feature set | Cloudways Bot Protection (Malcare) | New Web Application Firewall (Imunify360) |
Web Application Firewall | ✖ | ✔ |
Bot Protection | ✔ | ✔ |
Login Protection | ✔ | ✔ |
Brute Force Protection | ✖ | ✔ |
DoS Protection | ✖ | ✔ |
Web Honeypot | ✖ | ✔ |
IP Allow/Block | ✖ | ✔ |
Country Allow/Block | ✖ | ✔ |
Do I still need to keep using plugin Firewalls or is Imunify360 enough?
With the integration of this firewall, there is no need to add additional security plugins for the purpose of adding a firewall. However you may add them as another layer of security.
What’s Next?
In the coming quarters, we will be integrating additional features from Imunify360’s security suite to further enhance the security of our hosting environment. We will also be further enhancing our malware scanning visibility by bringing visibility of database tables as requested by customers.
We are committed to providing a secure and reliable experience for our customers, and we encourage you to share your feedback with us at feedback.cloudways.com.
Abdul Rehman
Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He's also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.