I suggest you ...

Cloudways should add DDoS protection service

DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

315 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
planned  ·  AdminCloudways (Admin, Cloudways) responded  · 

After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).

We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).

Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.

Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.

Cloudways Team

45 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • Fabio Fava commented  ·   ·  Flag as inappropriate

    We already have CDN by StackPath, and it works very well. DDoS is mandatory these days, most WordPress sites are being attacked in an hourly base. Most hosting companies offer some kind of effective DDoS included on the server package, and this should be the rule.

    Sucuri (as well as Cloudflare) is very hard to setup, costs pretty expensive money and is definitely not for the average Cloudways customer (like me). So please, include in some way a DDoS or full WAF protection, for an extra USD per application (like the StackPath CDN) and we'll all get it.

  • Anonymous commented  ·   ·  Flag as inappropriate

    StackPath sound like a great option here!
    Is Cloudways latest response on this from 2015? What is current status?

    Thanks!

  • Leonardo commented  ·   ·  Flag as inappropriate

    A.
    as already mentioned Sucuri doesn't do endpoint-security and thus can't prevent DDoS attacks against your server IP. The shield Sucuri is offering may be good, but it is only a partial solution and the service doesn't come cheap.

    B.
    As you are already offering StackPath wouldn't it make sense to integrate StackPath's DoS protection?

    C.
    I would also like to suggest you may talk to KeyCDN. Not so much for Dos protection but for their great CDN services.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I don't like sucuri or max CDN as none of them have POPs in India. Also, cloudflare is advantageous as you can add page rules and rate limiting at DNS level

  • Anonymous commented  ·   ·  Flag as inappropriate

    I'm not convinced any cloud-based DDoS protection is effective against sophisticated attacks, since the server's actual IP address still faces the public internet and can often be discovered.

    Ideally the infrastructure providers would make this standard (they could protect their whole operation and all customers with a single robust solution). It seems wrong to me that this is only occasionally offered, and as a premium service.

    But since that's not likely to change anytime soon, what can Cloudways offer on the server-level? There must be options for this.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Cachefly or KeyCDN would be great. Sucuri is not an option for low budget.

  • Mike commented  ·   ·  Flag as inappropriate

    To repeat wahat surbma says, your secururi option is a non starter. It's not even something that could be considered because it's per site and not per server. Imagine having to put that on 100 different sites (which isn't even a lot)... that's 30,000/yr! It's insanity.

  • Surbma commented  ·   ·  Flag as inappropriate

    3rd party services are not a solution for multisite owners with hundreds of domains on the install. Every provider is adding protection on a domain by domain basis, which is not an option for us.

    Please consider a server side DDoS protection, that is independent from the domains pointing to it!

  • Jon commented  ·   ·  Flag as inappropriate

    I like KeyCDN vs MaxCDN because KeyCDN has HTTP/2 and Free Lets Encrypt SSL zones.

    SSL zones on MaxCDN are like $20/month

  • Umesh Joshi commented  ·   ·  Flag as inappropriate

    We believe the hosting provider / managed wp hosting should cover security so therefore we do not have to add a bloated security package on each application. This reduces the page loading speed significantly and the time it take to configure and manage each site reduces our client productivity. We have been considering other providers recently because of the above issue. We really hope you implement something soon or you will lose customers rapidly. Other competitors are also offering Cloudflare Railgun as a free service. This is a serious game changer!!

← Previous 1 3

Feedback and Knowledge Base