MGT WAF – Web Application Firewall for Magento
Magento security is a topic of enormous importance for every Magento shop owner. Google blacklists around 20,000+ websites every day for malware and around 75,000 for phishing every week.
All Magento shops are attractive targets to hackers because of sensitive data like personal addresses or payment information required to complete a sale.
Even if the Magento shop does not directly process credit card data, a compromised shop might reroute customers to another website or alter an order before it is transmitted to the payment processor.
As a specialized hosting provider for Magento on AWS, we want to make sure your e-commerce business is secure at all times. In this blog post, we will explain:
- What is WAF?
- How MGT WAF Web Application Firewall works
- How does it protect your Magento shop against all of these attacks?
In this blog post, we will explain what a web application firewall is, how MGT WAF is working, and how it protects your Magento shop against all of these attacks.
What is a Web Application Firewall (WAF)?
A Web Application Firewall is an essential security product that protects web applications from attacks and filters malicious traffic before it reaches your server. It helps ensure that your regular Magento security scans are passed. A Web Application Firewall protects you against known threats such as SQL Injection (SQLi), Cross-Site-Scripting (XSS), DDoS Attacks, Cross-Site request forgery (CSRF), file inclusion, clickjacking, and many more.
What is MGT WAF?
MGT WAF is a managed Web Application Firewall on top of the AWS WAF that protects your Magento shop against common web exploits that may affect availability, compromise security, or consume excessive resources. For Magento 2, we have developed a module that our customers can block countries, IPs, and Bots independently. Furthermore, the rate limit for blocking IPs automatically can be adjusted.
Benefits of MGT WAF
- Denial-of-Service Attack Mitigation: Mitigation against DDoS attacks to prevent downtime
- SQL-Injection Protection: SQL-Injections on headers, query parameters, inputs and body data are filtered
- Cross-Site Scripting Protection: Prevents attacks against Cross-Site Scripting (XSS)
- Linux Attacks: Request patterns are blocked associated with the exploitation of vulnerabilities specific to Linux, including LFI attack
- Rate-Limit: Protection against HTTP Flood, which may affect the performance and availability of your shop
- Full Visibility: Real-time metrics are provided with information about IP addresses, geolocation, URIs, user agent, and referrers
- Country Blocking: Block traffic from unwanted countries
- Bot and IP Blocking: Bad bots, crawlers, and IPs can be blocked to deny access
- Auto-updates: Updates against new malicious attacks are automatically applied
- Magento Backend IP Restriction: Magento backend can be restricted by allowing a set of IPs to enter
- Fully Supported: MGT WAF is fully managed and supported by our team
Visibility in Real-Time
Real-time metrics and captures raw requests that include details about IP addresses,
Geo-locations, URIs, User-Agent, and Referers are displayed in real-time.
Magento 2 Module
We have developed a module for Magento 2. Our customers can block IPs, countries, bots and configure the rate limit to prevent HTTP flood attacks that may affect availability and performance.
Speaking of performance: Check out all there is to know about Magento 2 speed optimization.
- IP Blocking: IPv4 and IPv6 IP addresses can be blocked
- Country and Bot Blocking: Traffic from unwanted countries and bots can be blocked
- Rate-Limit: IPs are automatically blocked after hitting the limit
- Rate Limit Whitelist: Whitelist IPs which should not be blocked, e.g., your office IPs
- Magento Backend IP Restriction: Whitelist IPs which should have access to your Magento backend
MGT WAF is available for Magento 2 and Magento 1. The official support for Magento 1 ends in June 2020.
At this point, no security patches are provided anymore by Magento. Running a Magento 1 shop without a security service before June 2020 is very dangerous and could be a very attractive target for a hacker.