In today’s digital landscape, the security of your website is paramount. At Seravo, we take the protection of your WordPress site seriously. A crucial component of our defense strategy is our new Web Application Firewall (WAF).
At Seravo, we have always protected the sites in our premium WordPress hosting by DoS/DDoS and brute-force protection, enforcing HTTPS, global firewall rules, and proactively encouraging the use of strong passwords. In addition, traffic to site is filtered with access control lists (ACL).
In addition, our 24/7 monitoring, security updates, daily security scans as well as our unique Security Guarantee have made sure that sites hosted at Seravo remain as secure as possible. We also encourage the use of two-factor or multi-factor authentication (2FA, MFA) whenever possible.
What is a Web Application Firewall (WAF)?
A Web Application Firewall (WAF) is essentially a layer of security that sits in between your website and the internet. The primary job of this software layer is to inspect incoming web traffic.
By monitoring, filtering, and blocking unwanted connections, the WAF acts as a shield, preventing attacks that could cause harm to your site. It is designed to mitigate generic threats and common exploits before they even reach your WordPress installation.
The good news? All Seravo customers’ WordPress sites are protected against these generic threats by our standard WAF configuration, ensuring good security for everyone. Great security is always included in our plans, so you don’t need to pay extra for it when your site is hosted at Seravo!
Managing Your WAF Protection at Seravo
For all of our WordPress hosting plans, the generic WAF configurations are set up to offer protection against common vulnerabilities and cannot be modified (excluding the Enterprise WAF option, detailed below).
While the WAF is active and working to protect your site, there are scenarios where you may need to adjust its state. You have two options for managing the WAF on your website in Seravo’s hosting:
Customer Service
You can always contact our customer service to request the activation or deactivation of the WAF on your website – we’ll do it for you free of charge.
Command Line Interface (CLI)
For those comfortable with the command line, Seravo provides simple srv commands to manage the firewall:
| Action | Command |
|---|---|
| Activate WAF | srv feature waf --enable |
| Deactivate WAF | srv feature waf --disable |
| Check WAF status | srv feature waf --status |
To use the command line, you need an SSH connection to your WordPress site. You can find instructions for forming the SSH connection on Seravo’s Knowledge Base.
WAF for WP Enterprise Plans
In the future, for sites requiring the highest level of tailored security, Seravo will offer the Enterprise WAF as an additional service for customers on WP Enterprise WordPress hosting plans.
This additional service will elevate your security by allowing for site-specific and fine-grained WAF rules to be implemented. On top of the customized rules, the Enterprise WAF add-on service will also provide detailed logging data. This feature will be invaluable for advanced troubleshooting, compliance, and understanding the threat landscape targeting your site.
We’ll update this article once the Enterprise WAF service becomes available for WP Enterprise customers. We’ll also give a heads-up in out newsletter, and meanwhile it’s a great idea to make sure you’ve subscribed to it!
Ready to Secure Your Site?
Seravo is dedicated to keeping your WordPress site safe. If you have questions about your current WAF status, need to activate/deactivate the WAF, or are interested in the upcoming custom configurations for WP Enterprise plans, don’t hesitate to contact our customer service today!
Migrate Your Site to Seravo!
Interested in better security? You can migrate your site to Seravo’s hosting by ordering it as an additional service from our experts!
