Your website WAF can be accessed by clicking on the security link in your domain dashboard.
The Threats tab shows you all the events picked up by the WAF or any configured blocklists.
Requests blocked by a WAF rule have a symbol which can be clicked to show which rules triggered the event.
When viewing the WAF event detail you may choose to disable the triggered rule for future visitors.
The Access Lists tab provides you with control over who has access to your website based on IP or country code.
Preset block lists
Peakhour provides users with access to a set of high quality ip reputation blocklists. These include:
- IPs with a poor reputation
- Computers infected with malware
- Active attackers
- Robots and web scrapers
- Forum and comment spammers
- TOR anonymous users
- Anonymous proxies
- Uncategorised potentially malicous IPs
Enable none or all to protect your site.
You have the ability to blacklist/whitelist individual IP addresses, eg 184.108.40.206 or an IP range, eg 220.127.116.11/24 or even an entire country by country code, eg CN.
The WAF may be set to three modes:
- Disable - turn it off
- Warn - do not block any visitors but generate events to indicate who would be blocked
- Enabled - block visitors that match your configured rules
Peakhour provides three best of breed rulesets for use with your website. Configure none, one or all of them for maximum protection.