This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

Introducing Cloudways Community Forum. Start Discussions and Get Instant Help From Cloudways Community. JOIN NOW

How to Set Up Sucuri Web Application Firewall (WAF) on CloudwaysJune 30, 2017

 

In this KB

  • What is Website Firewall Component of Sucuri
  • How to add website to firewall
  • How to specify app server region
  • How to make DNS changes

 

If you followed our previous guide on how to set up the Sucuri Antivirus, your site is now properly monitored by Sucuri for any security issue. Here we will be setting up the Website Firewall (WAF) component of your Sucuri subscription. It is a service sitting in front of your site, filtering all traffic to it and protecting it from hacking attempts and other nasty stuff.

Note: Setting up the Sucuri Website Firewall (WAF) implies changing DNS records for your domain so we advise extreme care when doing it. As always, in the case of doubt,  contact our support team.

Step 1: Add a Site to Website Firewall

Navigate to CloudProxy Website Firewall in the left menu of your Sucuri console, type your full domain name in the Domain Name field and click on Add Site.

sucuri panel

Step 2: Choose Server Location

From the drop-down menu, choose the location closer to the Cloudways server where the application to protect is hosted (this is the location where the Sucuri servers filtering your traffic will be, so the closer you choose it to your server, less latency will be added).

sucuri panel

Step 3: DNS Changes

Now comes the part where you need to be careful. You will be instructed to change the A record for your domain to point to the Sucuri Firewall IP address.

sucuri panel

If you followed our advice when initially taking your site live from Cloudways, you created a CNAME record on your DNS provider (typically your domain registrar) pointing to your Cloudways server. Now you will need to add an A record pointing to the Sucuri Firewall IP and remove the CNAME record pointing to Cloudways. If you just have an A record, then you simply need to update the IP.

Before doing anything, read carefully the instructions under Activating CloudProxy and check that your site loads properly from the provided test link.

As said above, get in touch with our support team in case of any issue or doubt!

Please insert Content
Have Questions? Ask From Our Helpful Community

4 Responses

  1. Christian says:

    I kind of feel like a firewall should be available for free at the server level.

    • Cloudways says:

      There is a firewall configured on all servers with stringent rules. With Sucuri and similar, we are talking about Web Application Firewalls that sit in front of your server and scan incoming requests to it. It is an altogether different thing and that adds an (optional) extra layer of protection beyond the more basic standard firewall (filtering ports) deployed on each server.

      Cloudways Team

  2. Sachin says:

    Do I need Sucuri WAF if I use Cloudflare CDN. They provide enterprise-grade WAF when using their service and its free. What is the difference between the two WAF’s.

    • Cloudways says:

      This is completely up to you. The free Cloudflare offering has less features than the Sucuri paid one. Of course Cloudflare paid plans catch up with what Sucuri offers (simply we think Sucuri is much more focused in just security than Cloudflare, and we like focus).

      Cloudways Team

Do you still need help?

Our Technical Support team is always at work.