Web Application Firewall (WAF)
Our WAF is your first layer of defence preventing cybercriminals from hacking your website's critical data and information.
What if a targeted cyber attack never reached your site?
A web application security breach can have devastating consequences, often leading to the loss of critical data or theft of confidential information.
Leading plugin-based firewall (we tested it!)
Unlike many other providers, our WAF is completely free to use with PINC 360 hosting and is already tuned for WordPress. It also uses fewer server resources by not running in PHP and doesn't need to touch a line of code - meaning it won't significantly affect your site's performance.
Armed with over 300 highly optimised, managed firewall rules (updated daily)
Our WAF comes armed with a highly optimised, managed ruleset, containing more than 300 firewall rules (or policies). These policies combine rule-based logic, parsing and signatures; enabling them to detect and prevent a range of web application attacks.
OWASP attacks are your WAFs specialty
Included as part of our WAFs 300+ ruleset, is protection against common "OWASP" top ten attacks - including cross-site request forgeries, cross-site-scripting (XSS), file inclusions, SQL injections and more.
Intelligent app protection is less than a click away
Our WAF is automatically enabled on all sites hosted with PINC 360, meaning protection is literally less than a click away. Of course, if for some reason you need to deactivate the WAF, you can.
You make the rules with black and whitelists settings
Want to sure-up your security even more? Assemble a customised "blacklist" of unwanted IP addresses, or user agents your WAF will automatically block.
Disable rule IDs and limit false alarms
If any of our in-built WAFs rules trigger false alarms, these can easily be disabled. It's as simple as entering the rule you're having trouble with into the disable rule ID field.
WAF log - learn from every attack, error and request
Our WAF log shows you exactly where attacks are coming from, which requests have been blocked, and what rules those requests triggered.
Automatically patch hard-to-detect WordPress vulnerabilities
Our WAF also takes web app security a level further by deploying "virtual patches" to repair WordPress core, plugin, and theme vulnerabilities when required.
Meet security compliance requirements and offer extra assurance for customers
If your organisation processes or stores sensitive information (credit card details etc.), it's obviously important you comply with security requirements, and standards such as the PCI, HIPAA and GDPR.
Easy integration with additional safety measures
Of course, any additional layer of security is invaluable, and our WAF also integrates perfectly with other security measures.
How our WAF compares with other providers:
|Blacklist or Whitelist Settings||✔||✔||✔|
|Automatic Virtual Patching||✔||✔||✔|
|Optimised For WordPress||✔||❌||✔|
|Minimal Performance Hit||✔||✔||❌|
|OWASP Top Ten Protection||✔||✔||✔|
|Cost||FREE||≈ USD 20||≈ USD 99|