Protect your platform from hackers with a Web Application Firewall like Cloudflare

Large CMS platforms such as Sitecore, Umbraco, Drupal and WordPress and commerce platforms such as Magento and Shopware are standard packages that are widely used worldwide. This is interesting for hackers and malicious attackers. There are at least two reasons for this:

1. Once a hacker has knowledge of a possible leak in a standard package, he can easily attack hundreds of thousands of platforms using a single script. Even though security patches are often released quickly for known leaks, there is always a short period in which hackers can try to exploit a leak. After all, upgrading a platform takes time and isn’t always immediate.

2. Additional modules or plugins are another vulnerability in standard packages. You can install them quite easily and are usually relatively inexpensive and useful for their intended purpose. But these modules often only have a relatively small user group, much smaller than the core platform’s so leaks in specific modules are often not discovered as quickly or quickly enough. Naturally there are hackers who only focus on modules and plugins, looking for vulnerabilities. If they are successful, they then coordinate attacks on a lot of platforms at the same time.

In both cases, the 'healthy', secure platforms are also negatively impacted by this because all platforms are attacked, whether a vulnerable module or plugin is installed or not.

A Web Application Firewall (WAF) is a proven and effective way to resist all these types of threats. A WAF scans the content of incoming and outgoing traffic and can recognise and block common forms of abuse. By using 'rules', specific traffic behaviours through the web server are recognised and filtered.

The maintenance of these rule sets has become a new arms race. It’s almost a full-time job for website and webshop administrators. And for hackers, the challenge is to be quick enough to get their attacks around the WAF because they are detected quickly by WAFs around the world.

New players in this arms race are the Cloud Managed WAFs. Cloudflare is one of the largest cloud-based SaaS solutions. It takes care of the difficult issues of compliance, regulation, and the continuous updating of 'rules’. Cloud Managed WAFs have three main advantages:

• Better platform performance: all traffic blocked by the Cloud Managed WAF is kept away from the provider's infrastructure and thus does not contribute to load and performance degradation.

• Cost-efficient: the implementation and adjustment of new 'rules' is carried out centrally and with prevention in mind. This saves maintenance and development costs for companies.

• Effectiveness: The Cloud Managed WAF analyses thousands of platforms at the same time, outside of the business’s own infrastructure. As soon as a threat emerges on other platforms, preventive 'rules' are added that are also used for your platform. Hacking attempts are therefore mapped much earlier and faster.

The benefits are not only tangible when measuring performance, cost, and effectiveness, but they also impact team focus. Implementing a Managed Cloud WAF means that business owners and developers can focus on their main priority: (further) developing their business and running a successful platform.

Cloudflare is one of the larger players in the field of Cloud Managed WAFs. Its size means that they have the resources to facilitate a particularly effective layer of security, but they are also reasonably priced. Starting at $20 per month, Cloudflare offers an unrivaled package of benefits. However, it's always worth checking whether Cloudflare is the best option for your organisation. Cloudflare cannot guarantee that your data will remain in the EU, while this can be desirable from a legal point of view. In this case, it might be better to consider AWS or Azure's WAF. These solutions are more expensive, so should only be considered if the geographical data location of your data is absolutely necessary.

It's always a good idea to consider a WAF, such as Cloudflare, to give your own platform an extra layer of security. With a growing number of automated attacks on widely used platforms, it is essential to arm yourself and protect your business and your customers effectively against them.