Cloudways should add DDoS protection service
DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks
After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).
We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).
Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.
Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.
Zander Grinfeld commented
WAFs that add a challenge page before your site loads are no good. We struggle constantly to shave microseconds off page load times. We tried stackpath and it adds about a second...
This is a scam
It is one of the only web hosts that do not have normal security in place.
The second I moved to cloudways all of my websites were attacked and got spam nonstop.
I am so disappointed
"We know this is well overdue and want to get it rolling."
It's now going on 4 years since Cloudways responded to the OP... which is now over 5 years ago.
How much longer? Another 2 years? 5 years? 22 years? Seriously, how much longer is this going to go from "planned" to "implemented"?
Matt He commented
I am very supportive of your point of view. One of my clients' image website sites( https://www.pinpng.com ) mainly provides free image downloads. A large number of DDoS attacks received last month caused the site to crash for several days. The impact on the site is very large.
+1 for StackPath WAF/DDOS option
What is the status on this service
Fabio Fava commented
We already have CDN by StackPath, and it works very well. DDoS is mandatory these days, most WordPress sites are being attacked in an hourly base. Most hosting companies offer some kind of effective DDoS included on the server package, and this should be the rule.
Sucuri (as well as Cloudflare) is very hard to setup, costs pretty expensive money and is definitely not for the average Cloudways customer (like me). So please, include in some way a DDoS or full WAF protection, for an extra USD per application (like the StackPath CDN) and we'll all get it.
This sounds great, what is the status on this?
2015... 3 years ago Cloudways answered on this thread!?
What do you think about StackPath (https://www.stackpath.com/)?
StackPath sound like a great option here!
Is Cloudways latest response on this from 2015? What is current status?
as already mentioned Sucuri doesn't do endpoint-security and thus can't prevent DDoS attacks against your server IP. The shield Sucuri is offering may be good, but it is only a partial solution and the service doesn't come cheap.
As you are already offering StackPath wouldn't it make sense to integrate StackPath's DoS protection?
I would also like to suggest you may talk to KeyCDN. Not so much for Dos protection but for their great CDN services.
Please implement this ASAP.
Matt Philips commented
Why don't you use Stackpath? You're already using them now for CDN...
I don't like sucuri or max CDN as none of them have POPs in India. Also, cloudflare is advantageous as you can add page rules and rate limiting at DNS level
I'm not convinced any cloud-based DDoS protection is effective against sophisticated attacks, since the server's actual IP address still faces the public internet and can often be discovered.
Ideally the infrastructure providers would make this standard (they could protect their whole operation and all customers with a single robust solution). It seems wrong to me that this is only occasionally offered, and as a premium service.
But since that's not likely to change anytime soon, what can Cloudways offer on the server-level? There must be options for this.
Riche Neepe commented
I like KeyCDN vs MaxCDN because KeyCDN has HTTP/2 and Free Lets Encrypt SSL zones.
SSL zones on MaxCDN are like $20/month the.
Toby Karlevid commented
What about Wordfence and KeyCDN? that would be my vote / suggestion
Web Application Firewalls should be server, not cloud based and should be integrated into your hosting plan, not offered as an addon. WP Engine do this for sure.
Cloud based WAF's are bad apparently: https://www.wordfence.com/blog/2016/10/endpoint-vs-cloud-security-cloud-waf-bypass-problem/
Cachefly or KeyCDN would be great. Sucuri is not an option for low budget.