Personable Media

The Most Effective Website Creators On Earth

303-800-5415
  • HOME
  • ABOUT
    • Give Back Program
  • Services
    • New Websites
    • After Your Website Is Up
    • Lead Generation
    • Business Listings & Reviews
    • Start Your Own Website Blog
  • VIDEOS
  • Articles
    • WordPress
    • Lead Generation
    • Blogging
      • Website Design & Development Experts
    • Social Media
    • Give Back
  • Reviews
  • Book
    • Update Payment Method
  • Toggle Mobile Menu
  • Toggle Search
  • 303-800-5415
  • Twitter
  • Facebook
  • Videos
  • Photos
  • Email

Should I Use GoDaddy’s Website Application Firewall On My Website?

June 7, 2021 by Justin Daniel

We are always striving to give our clients the best experience with their website. With the ever evolving world of website technology website security is more important now more than ever. We are adding the option of Website Application Firewall (WAF) for our websites to add a more secure experience for our clients and their visitors. We partner with GoDaddy to offer Website Security plans powered by the Sucuri cloud-based security solutions.

What does the Website Application Firewall offer?

Key Features:

  • Website Acceleration, caching and CDN (Content Delivery Network).
  • Brute force protection on pages and login.
  • Virtual patching and hardening to improve your security posture.
  • Full DDoS (Distributed Denial of Service) protection on all plans.
  • PCI compliance.
  • Blocks malicious bots and vulnerability scanners from reaching your website.
  • Protection against SQL Injections, XSS (Cross-Site Scripting), RCE (Remote Code Execution), and all known-attacks.
  • Advanced Access Control Features like password protected pages or IP address restricted pages.

How does the Website Application Firewall work?

The firewall acts as a security checkpoint before traffic goes to your website and hosting server. The firewall will filter the requests coming to your website and block any bad or malicious requests.

Website Request Workflow
Visitor > WAF > Hosting Server > WAF > Visitor

When a request is blocked by the firewall you will see a HTTP 403 Forbidden response. In the browser you will see a message with the header “Access Denied – GoDaddy Website Firewall”. If you see this block message on your website and you believe the block to be a false positive, please provide us with a screenshot of the “Access Denied” message and we will be more than happy to investigate the issue. The WAF does have the ability to allow an IP or a website URL path to avoid filtering if needed.

WAF Server Locations:

  • North America
    San Jose, CA, US
    Chicago, IL, US
    Dallas, TX, US
    Miami, FL, US
    Washington, DC, US
  • Europe
    London, GB
    Amsterdam, NL
    Frankfurt, DE
    Sophia, BG
  • Asia
    Tokyo, JP
    Singapore, SG

What is a DDoS Attack?

A Distributed Denial of Service (DDoS) attack is a non-intrusive way attackers can attempt to bring down your website. A non-intrusive attack means the attack is not exploiting any vulnerabilities of the website coding or configuration. The primary goal of a DDoS attack is to slow down or completely bring down your website by bombarding the website with more traffic than it can handle so legitimate user traffic is stopped from accessing the website. The WAF will detect and block the DDoS attacks before they reach your website or hosting server.

Does the CDN & Caching speed up my website?

The WAF CDN is built to help speed up your website around the world! The WAF CDN is responsible for caching your website automatically, the CDN is able to speed up your website by up to 70%. The WAF network has CDN servers around the world (5 in North America) that saves your website content, so no matter where your website traffic is coming from your website will load quickly.

Website Caching:

  • Page Caching Time: 180 minutes.
  • Redirects (HTTP 301/302) Caching Time: 180 minutes.
  • Not Found (HTTP 404) Caching Time: 4 minutes.

The WAF caching is here to help speed up your website and also works to help reduce the requests that go to the hosting server. The less requests that go to the hosting server, the less resource usage on the hosting server. Static files (jpg, png, js, css, pdf etc..) will be cached for 3 days, this is done to prevent certain types of DDoS attacks. We will install and activate the WAF companion plugin in your WordPress website that will be configured to automatically clear the WAF cache when publishing  your website pages or posts.

WAF Traffic Logging

The WAF offers Real Time logging in the firewall dashboard which allows us to monitor every allowed request on your website. The Audit logging allows us to see detailed information on blocked requests on the website and offers searchable history of requests. This is the tool we will use to see we need to apply a Geo Block. Geo Blocking is where we block an IP address based on the registered country for the IP address, this way we can restrict access to only your market country or block known malicious attacks from a specific country.

Does the WAF make my website PCI DSS compliant?

Yes, just having your website behind the WAF makes your website Payment Card Industry Data Security Standard (PCI DSS) compliant. We can even supply an Attestation of Compliance (AOC) document by request. The firewall does allow penetration testing if you are needing to have it test with the firewall active or even bypassing the firewall rules.

What does this mean to you, the business owner?

You will benefit from the peace of mind knowing your website has advanced security and optimized by the CDN and caching provided by the WAF. The firewall gives us the ability to quickly and effectively stop malicious attacks on your website. The WAF provides detailed and organized logging in case any reviews are needed. With all these factors considered, it means smoother sailing for you and your website visitors.

We can help you with a WordPress website that works the way you expect it to. Reach out to us via our contact page or schedule a call with us below.

1624 Market Street #202, Denver, CO 80202
and 12+ Office Locations across the Denver Metro

Next Post »
«Previous Post

Filed Under: Technology, Website Design, Website Development, Hosting & SEO

About Justin Daniel

Sr. Analyst for GoDaddy Website Security and Website Hosting & Lead Support Technician and Solutions Engineer at Personable Media. In his free time Justin enjoys continuing to learn and master any website or hosting related coding, configuration, or automation. He is also an active gamer when time allows. Justin resides in Iowa with wife Dayna, 2 daughters, 2 cats, and 2 corgis.

Website created just for Personable Media | Websites For People | Denver, Colorado | All Rights Reserved | Privacy Policy

Heath will call you back, shortly.

"*" indicates required fields

Shipping Address*

New Customer Intake Form

"*" indicates required fields

Leave blank if not applicable
This program includes building a new website, aligned business listings, targeted reviews, search ad account creation, paid ads and implementation.

Locations

Aurora
6105 S. Main Street, Suite 200
Aurora, Colorado 80016

Boulder
4845 Pearl East Circle, Suite 101
Boulder, Colorado 80301

Broomfield
11001 West 120th Ave, Suite 400
Broomfield, Colorado 80021

Cherry Creek
501 S. Cherry St., Suite 1100
Cherry Creek, CO 80246

Denver
1624 Market Street, Suite 202
Denver, Colorado 80202

Denver Metro North/Northglenn
11990 Grant Street, Suite 550
Northglenn, CO 80233

Fort Collins
2580 East Harmony Road, Suite 201
Fort Collins, Colorado 80528

Greenwood Village
7350 East Progress Place, Suite 100
Greenwood Village, Colorado 80111

Golden
14143 Denver West Parkway, Suite 100
Golden, Colorado 80401

Lakewood
355 S. Teller Street, Suite 200
Lakewood, Colorado 80226

Littleton
4 W. Dry Creek, Suite 100
Littleton, CO 80120

Louisville
357 S. McCaslin Blvd, Suite 200
Louisville, Colorado 80027

Lone Tree
9233 Park Meadows Drive
Lone Tree, Colorado 80124

South Hover Longmont
1079 S. Hover Street, Suite 200
Longmont, CO 80501

Schedule An Appointment

Book A Free 20m Strategy Call With Us

Pick your time on the next page.

Pick The Time For Your Call. Schedule Now ⬇️

Heath will call you back shortly.

Complete this form to send us a message. Our team monitors everything submitted through this form and we will reach back out to you promptly.

Zapier Automation Masterclass

Purchase Form

Lead Generation Quote

Get Coffee

Request A Logo Quote
Request A Website Quote
Apply For Blog Coaching