freistilbox protects websites with a Web Application Firewall

Published 2018-05-16 by Jochen Lillich

freistilbox customers know our slogan: “Work efficiently. Sleep peacefully.” Today, we’re happy to tell you that we’ve made your resting time even more relaxed. Your websites are now protected by the new freistilbox Web Application Firewall.

About a week after the highly critical Drupal core vulnerabilities (see PSA-2018–002PSA-2018–003) were published, our web operations team noticed an increasing number of website abuse attempts. These attacks result in an instant security breach for all websites that haven’t been updated to the most recent secure Drupal versions. (Sadly, there are still quite a few of these websites out in the wild.)

In order to mitigate these attacks, we added a Web Application Firewall (WAF) to our web boxes. Other than common firewalls, a WAF monitors and filters web requests on the application level. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations.

The infrastructure of our managed hosting platform is fully automated. Besides the efficiency this allows us in managing hundreds of servers, this has the great advantage that new features immediately benefit all our customers. So in this case, you don’t have to do anything to be better protected from abuse attempts; since last week, your websites have been more secure than ever.

Side note: If you still haven’t applied the updates related to the Drupal vulnerabilities mentioned above, you should do so immediately. One security measure doesn’t make the other obsolete. Quite to the contrary, they compound each other. After all, when we added airbags to our cars, we didn’t take out the seat belts, did we? 😉

Our recent process improvements will allow us to be more proactive in the future and get web security improvements out of the door even more quickly. Still, we’re happy that we’ve made our customer’s lives a bit more peaceful. Sweet dreams!