Website security as it should be

Being the editor of a blog that deals heavily with risk management and business continuity, let alone blog continuity, it is only natural that I also care about the security and continuity of my blog. That is why a couple of months ago I decided to protect my website with Incapsula, While I have been quite happy with Incapsula so far, they have just released a major upgrade, and it is now much easier to use, having richer reporting details and extremely fine-tunable security options, making it very easy to pinpoint and select which traffic to allow and which to reject.

2015-11-10 This post was written in 2011 and is now outdated. My latest post on Incapsula is here: Incapsula – rest your worries

Why Incapsula?

Incapsula is a cloud-based shield that wards off hackers, bots, scrapers and spammers and prevents them from even reaching my blog, and only lets legitimate traffic pass through. This also improves my blog’s performance, since it no longer has to deal with traffic that has real reason to be there.



In fact, in the three months since I signed up with Incapsula it has saved me 40% or 15GB of bandwith, said goodbye to some 15000 visits by spammers and took care of the TimThumb vulnerability and the Apache DOS vulnerability long before I knew they existed, by sending me an alert that an attack had just been thwarted.

The Upgrade – what’s in it?

Firstly, the user interface has gotten much better, giving a fuller overview of your site’s security stats and performance details. All stats are available as Today, Last 7 Days, Last 30 Days, Last 90 Days and Month to Date. Secondly, the user options have increased vastly, allowing a fuller selection of which traffic to allow and which not, and last but not least, it is now possible to blacklist or whitelist individual traffic. With Incapsula having undergone this major upgrade in its dashboard and user options, there is no reason and certainly no excuse for not using it.

Reason #1: Rich and Deep Traffic Stats

The traffic stats present you with a full overview of your site’s traffic, how much of that are bots, how much that are humans, and how much that has been blocked, including the top 5 countries and applications. Server load is shown as Hits per Second and Bits per Second, and accumulated bandwidth. I cannot think of anything else that should have been included here, can you?

Reason #2: Detailed Threats Stats

The threats stats are also a major improvement over what they used to be, now clearly displaying which threats that are most prominent and what countries you should watch out for. The five latest security events and what Incapsula did to them (based on your settings) are also shown.

Reason #3: Extensive Performance Stats

The performance stats show well Incapsula is speeding up your site, caching requests and saving your bandwidth. Very useful if you have a global audience is the pie chart showing which data center that gets the most requests, let alone the graph showing the global response time and that features a slider that you can run along the graph to study the details.

Reason #4: Recent Updates Overview

The recent updates stats is just that, a list of the settings you changed most recently or the alerts that Incapsula sent you. It even displays outage time and lost visitors, if you wish so (see reason #7).

Reason #5: Easy Threat Handling

Threat management couldn’t be easier: Do Nothing, Observe and Report, and Block Request. That’s all you need, really. Note that it is possible to whitelist certain IPs, something that previously was only possible after and event, now you can do it in advance. For example, I use it to whitelist my own IP, since my WordPress theme allows me to do some inserts that the latest WordPress version I am using does not allow. Incapsula, knowing that I am using the latest WordPress version then blocks me from doing these inserts, unless I whitelist myself.

Reason #6: Fine-tuned Access Control

This is perhaps the setting that has undergone the biggest change in this upgrade, allowing you to block or whitelist individual countries, user agents or clients, and IPs, see my note under reason #5.

Reason #7: Informative notifications

If you wish, you can let Incapsula do its job without telling you anything, or you can stay on top of it and receive an e-mail as soon as something suspicious happens. This is how a weekly report looks like.

Reason #8: Easy Performance Acceleration

Incapsula is security first and performance second. Consequently, unlike for example CloudFlare, there are few performance settings. In fact, there are only two, Standard and Advanced, but them again, since they do the job more than well enough, I really don’t need more. Do you?

Reason #9: Detailed Visitor Stats

While it is unlikely that you will use Incapsula for your stats needs, they are nonetheless useful in identifying your visitors and threats in more detail.

Conclusion

This being the first major update since its release, Incapsula has taken a huge step forward. I am almost compelled to say “a small step for Incapsula – a giant leap for website security”, but that wouldn’t be right. What I can say is that while in a previous post I compared Incapsula and CloudFlare, stating that Incapsula is for security and CloudFlare for performance, this update clearly shows where Incapsula’s heart is, and that is state of the art website security (with performance included, but not the main issue). No comparison needed and no comparison possible, because this is how website security should be.

Update 2015/11/09

Four years on, I’m still with Incapsula. Read more about it here: Incapsula – Rest your worries

Related links

Other reviews

Related posts

Posted in my BLOGGING
Tags: ,

ARTICLES and PAPERS
Risks and supply chains... stochastically speaking2
A word of warning: This is not your typical journal article on supply chain risk. Risks and supply c[...]
Supplier selection based on supplier risk
It's amazing how supply chain risk papers appear in the unlikeliest of places, and today I discovere[...]
BOOKS and BOOK CHAPTERS
Resilience times four
Resilience. It is not so much about reducing the number of things that go wrong, but it is about imp[...]
Book Review: Managing Risk and Security
One of my readers suggested this book to me via  a comment on my supply chain literature list pages[...]
REPORTS and WHITEPAPERS
Highway Vulnerability and Criticality Assessment
Transportation vulnerability and resilience have been the focus of this blog for the past two days, [...]
Calculating the Value-at-Risk
Some of you may remember that I posted about the SCOR Framework for Supply Chain Risk Management ear[...]