Sucuri website firewall is one of the best cloud-based web application firewall (WAF) for websites.
If you are building a long-term website with steady progress, you need to safeguard your website.
I did use it on one of my educational sites, which gaining traction.
Once we reached 10k visits per day, we had several attacks in the form of spam comments, spam back-links, content copying, etc.
We had to block IP’s to stop comments and use regularly disavow to dilute spam backlinks.
But the solution was not effective and also had a drastic effect on traffic.
The images were copied and all scrap links were pointing to our site.
So we thought of a firewall to protect our site from further spam attacks.
Then one of my friends advised the sucuri firewall protection plan. We have been using it for months and hence put up a sucuri firewall review.
Sucuri review and its effect on our site
We just bought a sucuri firewall basic plan of $9.9 per month to evaluate the program’s effectiveness.
Immediately after installing, the traffic was down for a few minutes to hours.
Then the traffic was back to normal and our website seemed seamless and of better speed than before.
After a day, we noticed no spam comments on our blog.
We kept an eye on the linkody backlink checker tool to see if there were any backlink attacks. Previously we had 4 to 5 backlinks spam per day. This was all of a sudden stopped and no further spam backlinks were generated.
Even our image hotlinking was stopped while our other sites, which did not have a firewall enabled, got the attacks as usual.
It seems if you are a growing blogger or webmaster trying to enhance your site traffic, you will be prone to negative SEO attacks by others. To safeguard your site from the Google penalty, the only way out is to prevent spam backlinks, spam comments and other attacks on your site.
Sucuri firewall at just a fraction of the cost will help you prevent have any attacks on your site.
We are glad that we found this cloud-based WAF and hope to see more positive results for our future site.
Major features of sucuri firewall
- Mitigate DDOS attacks
- Prevent scrapper and bad bot crawling
- Spam comment protection
- Login page protection
- WordPress security
Mitigate DDOS attack
The firewall helps tackle small and also large scale DDOS attacks on the website. This helps to keep your website live for real users and also save hosting server resources.
Prevent scrapper and bad bot crawling
Scrappers and bad bot crawling is a silent attack on the website. These pretend to be regular crawlers like google and other search engines. But they do not comply with robots.txt commands.
They are intended to search for your website keywords, content, images. These crawls can be used for negative SEO attack on your website. The person behind these bots can study your website weaknesses and enable large-scale negative SEO like hotlinking images or stealing your content and images for duplication.
Spam comment protection
Having comment enabled in the WordPress site help to interact with the users of the site. But this can generate a lot of spam comments with those people trying to build links.
Sometimes they use automated software leading accumulation of several spam comments. To tackle these, many bloggers prefer to use spam protection plugins.
But with sucuri enabled, you can avoid spam comments, and even you may not require the plugins.
Login page protection
WordPress websites have a default login protection page with wp-login.php. And to harm your website, attackers can try to make login attempts.
The attacks can occur every five seconds or less from different countries.
Though it seems that they are trying to hack your website, there is also an enormous load on your server slowing down your website.
To prevent this, one has to use login page security plugins like wordfence or block access to the login page from other countries or other IPs by Cloudflare firewall.
If you have sucuri firewall enabled, you will not need to worry about this as it helps open this page only on your computer.
If you try to open it on another computer or if others try to access the page, they get a warning.
“Access denied sucuri website firewall” asking to contact the website owner or the sucuri support for help.
Of course, you can use this feature for free using Cloudflare access options. This Cloudflare access helps you access the login page only from specific IP and if you move, you can request access by getting an email code.
WordPress has many files that can be accessed by attackers of your site. Sucuri has different levels of security to prevent any malicious site attacks.
Further, they provide a WordPress security plugin that can help integrate the firewall with your site.
Other options in the sucuri firewall
It reports all the IP’s from where traffic was blocked, the user agent like is it a bot or some other attack on your site. It gives an overview of the geo of the attack on your site.
The firewall allows you to specify from which specific IP’s the admin panel can be accessed. This is very important as it can block hackers from accessing your site directly.
Further, it allows you for geo-based blocking. This means you can block visitors from a specific country from accessing your site. This is again of two modes.
One mode prevents viewing of your site as a whole to the visitors of a specific country. Simultaneously, the other mode enables them to view your site but not post any comments on it.
Let us know your views on the sucuri firewall and its performance.
Q & A
How to remove the sucuri website firewall?
You can just remove your website by two options.
- Remove your server IP from the sucuri dashboard and delete your website in the panel.
- Remove sucuri IP from your domain DNS settings.
How to disable sucuri firewall
If you wish to temporarily disable the firewall, you can try the developer mode. Or contact their support. If it is permanent, just remove your site from their dashboard by the above-mentioned methods.
How to bypass the sucuri website firewall
If you wish to log in to your site, you can whitelist your network IP to access your site. Another way is to remove the firewall on your site from the sucuri dashboard.
Why is sucuri blocking me?
If your network seems suspicious, you will be blocked from accessing your site.
How to clear the sucuri cache?
You just need to login into your firewall dashboard and clear your site cache. If you have wprocket cache plugin and have enabled sucuri support in settings, clearing wprocket cache helps to clear sucuri cache.