June 28, 2018 by Agnes Talalaev
WebARX is a cybersecurity company, founded in 2015 with an idea to make the web a safer place for website owners, digital agencies and web developers.
Since 2015 the idea to make a web application firewall has been developed into something bigger and now WebARX in not just a plugin, it’s much more.
We have already made the every-day work much easier for a lot of web developers and digital agencies. You can read how WebARX has helped René saves a lot of development time and how Jorcus enjoys his peace of mind with the powerful WebARX website firewall he has for his sites.
The website firewall, uptime monitoring, security scans and alerts from our cloud-based dashboard reduces a lot of maintenance time and saves money while providing many security features in one place so there is no need for multiple security plugins on your sites.
In this article, we will explain how our product has changed in time and what kind of features does WebARX have today.
This is the main view of our old portal where you could see how many sites have been added, how many security scans were completed, and how many attacks it has blocked. Also, it gives an overview of how many websites were running on vulnerable software (CMS, plugins, themes, etc.).
Today it looks like a totally new product. In addition to the website firewall, we included uptime monitoring by default. The website firewall is running on OWASP guidelines and we have included our own threat intelligence feed to the firewall engine which helps us to send virtual patches to the firewall.
From analyzing around 3000 hacked websites per day, WebARX website firewall effectively blocks hacking attempts, stops brute-force attacks and even malicious traffic (bots).
What is a web application firewall? – Read more here.
To start protecting and monitoring your website, you need to make an account on WebARX portal.
Setting up the WebARX and the firewall has been made extremely. For WordPress sites, it usually takes a minute to set up the firewall, for other applications it may take a bit longer.
Every website that has been added to the WebARX Portal has its own view, which will show you uptime/downtime and response time on the right side. On the left side, you can see how many attacks have been blocked.
Next to the site name, you can see a pen icon, that will send you to a website management page.
If you have more than one website, you can easily search for sites by using the search option on the dashboard at your right.
If we update our firewall agent or the plugin, you will be notified and recommended to do the update or set up an automated update from the portal.
When any of the websites you add to WebARX Portal has known vulnerabilities or when suspicious behavior is detected – you (or your team) will receive an alert to eliminate risks in time.
WebARX will analyze every single software version that is used by your website, starting from the Apache and PHP versions, ending up with CMS, Plugins, and Themes.
WebARX checks if the website is mentioned in hacker forums and communities, if there are any signs of malware on the site or if the site is blacklisted on any search-engines or antivirus vendors. Security scans will trigger alerts when vulnerable software or errors are detected on any of your sites.
WebARX performs uptime monitoring on every website every five minutes. From that, you will get a weekly SLA% report for each website you have added.
As you know, when a website ends up in a blacklist it’s a long and infuriating process to get out. WebARX will perform frequent checks if any of your websites is listed in Search Engines or in any Anti-Virus company blacklists right after you have added your site so you can act before any real damage to your website reputation.
With monitoring, you can set up and choose your most preferred alerting options. You can currently choose between Slack and Email.
WebARX website firewall (WAF) is always up to date with the latest attack information and is protecting your sites in real-time. Thanks to our own threat intelligence we update our website firewall frequently by sending virtual patches.
By doing so we can make sure that your website is safe from the latest attack methods which hackers use to gain access to the sites.
Under the firewall logs view you can see what kind of attacks have been blocked on your website, what are they targeting and where they are coming from. The attack severity varies from low to high depending on the type of attacks and relevance to the software the site is using.
When hovering on the attack vector marked as ‘TYPE’ you can see a quick explanation about what kind of threat was blocked by our website firewall. When you click on ‘POST’ under Method – you will get the information about the blocked content.
Would you like to know if someone was trying to guess your WordPress password? With activity logs, you can see how many attempts of failed logins you have on your site and where they are coming from. It comes especially handy when you have a website that has more than one admin so you can easily monitor their activity.
After connecting the site with WebARX, you can easily hide the default admin panel which usually reduces brute-force attempts by 90%.
In many cases, out-dated software is the biggest issue on the website when it comes to security. It’s important to keep an eye on the software versions, keep them frequently updated.
WebARX will monitor your software versions and will give alerts when any of those need updates, are vulnerable or are posing any security risk to your site.
The team management feature will give teams an option to assign roles, permissions, and access on a different level for each user under one leader account. All the team members are encouraged to create an individual account to access WebARX portal.
You can access to feature from your account in WebARX portal and you can find the team management tab on your left menu. To learn more about team management in WebaARX see here.
We have been working on the backup functionality for quite some time to find an optimal way to allow digital agencies and web developers to keep their backups off-site with WebARX.
There were two principles we followed:
1) Backups would be stored off-site
2) Only you will have access to the backups
With WebARX you can generate a website security report for each website you secure and monitor. You can find the reports if you log into your account and look for Reports – Generate Site Reports from your left-side menu in WebARX Portal.
With security reports, you can easily send a security overview of a website to your clients or company. To learn more about security reports see here.
If you need to manage security on all your WordPress sites, WebARX will be perfect with its central security dashboard. With WebARX you can adapt advanced security techniques and gain complete security overview.
WebARX can be installed on any PHP application (including WordPress, Joomla, Drupal, Magento, Laravel, Symfony etc.).