2015-01-30, 08:38 PM
Hey guys,
Are any of you using any Web Application Firewall services like Cloudflare, Incapsula, Sucuri etc?
We have a couple of websites (including another forum, but not a MyBB forum) using WAFs and they are doing pretty good in terms of security. I do find however that the WAF tends to make a site slower if your hosting is actually good (the opposite if your hosting is bad/average).
I'm more interested about a WAF from a security point of view. Modsecurity for Apache 2.4 seems to be improved and more strict, but what do you think of adding a WAF like the paid version of Incapsula that protects against SQL injections, cross-script attacks, backdoor vulnrabilities etc? That plus modsecruity for Apache 2.4 could be epic to protect a MyBB forum (or not?).
I've seen a couple of big forums using these WAFs, but most were vBulletin. However I've noticed hackforums.net (MyBB) is using Cloudflare, so that should mean something. When we used a WAF on our forum (not MyBB), we noticed that search engine traffic dropped substantially, but it could have been a coincidence since page loading time actually improved.
So what do you all think of adding a WAF to a MyBB forum to improve its security?
Thanks.
Are any of you using any Web Application Firewall services like Cloudflare, Incapsula, Sucuri etc?
We have a couple of websites (including another forum, but not a MyBB forum) using WAFs and they are doing pretty good in terms of security. I do find however that the WAF tends to make a site slower if your hosting is actually good (the opposite if your hosting is bad/average).
I'm more interested about a WAF from a security point of view. Modsecurity for Apache 2.4 seems to be improved and more strict, but what do you think of adding a WAF like the paid version of Incapsula that protects against SQL injections, cross-script attacks, backdoor vulnrabilities etc? That plus modsecruity for Apache 2.4 could be epic to protect a MyBB forum (or not?).
I've seen a couple of big forums using these WAFs, but most were vBulletin. However I've noticed hackforums.net (MyBB) is using Cloudflare, so that should mean something. When we used a WAF on our forum (not MyBB), we noticed that search engine traffic dropped substantially, but it could have been a coincidence since page loading time actually improved.
So what do you all think of adding a WAF to a MyBB forum to improve its security?
Thanks.