Web Application FireWall

 

Web Application FireWall is a feature of the CleanTalk Security Service for WordPress that protects the Web application from unauthorized access, even if there are critical vulnerabilities.

It allows you to protect Web applications from known and unknown attacks. The protection is transparent to all visitors and realizes accurate filtering. It supports both GET and POST methods and requests to dynamic resources. WAF checks all requests to your website and prevents possible attacks such as Xros Site Scripting (XSS), SQL-injections, uploading files from non-authorised users, PHP constructions/code, the presence of malicious code in the downloaded files. CleanTalk Web Application FireWall for WordPress is the proactive defense against possible attacks to prevent hacks in real-time.

You can find this option in the General Settings section of the Security plugin (WordPress Admin Page —> Settings —> Security by CleanTalk —> "General Settings" tab):

 

Security WAF options web application

 

Web Application Firewall – Enable/disable WAF

XSS Check – enable/disable protection from Xros Site Scripting attacks

SQL-Injection Check – enable/disable protection from SQL-injections

Check Uploaded Files – enable/disable checking of all uploaded files for malicious code

Check plugin and themes while uploading – enable/disable checking WP theme at the moment of uploading

Check for exploits – enable/disable chcking traffic for known exploits

Traffic Control option – enable/disable analyzing the number of requests towards a website from any IP address for a certain period of time

 

All attacks are logged here (WordPress Admin Page —> Settings —> Security by CleanTalk —> "Firewall" tab):

 

Security logs

 

You can test if XSS protection is working.

Add this string "/?spbct_test=MD5-OF-YOUR-ACCESS-KEY&&spbct_test_waf=xss" to your website address. You have to modify it for your own access key.

Example:

  1. Your access key is 1234.
  2. Calculate MD5 hash of your key here: https://www.tools4noobs.com/online_php_functions/md5/
  3. It would be 81dc9bdb52d04dc20036dbd8313ed055 for the "1234" key.
  4. Now modify the link to the XSS block screen. It will look like this:
  5. MyWebsite.com/?spbct_test=81dc9bdb52d04dc20036dbd8313ed055&&spbct_test_waf=xss

 

You will see this blocking screen:

Security XSS block

 

 

The same is true for testing SQL-Injection protection. Use this string:

/?spbct_test=MD5-OF-YOUR-ACCESS-KEY&&spbct_test_waf=sql

 

You will see blocking screen:

 Security SQL-injection test

 

 If you upload an infected file you see the error:

Infected file block

 

 

Was this information helpful?

No

Yes




Perhaps it would also be interesting