Protect your website with CloudProxy and MaxCDN
April 18, 2014 | David Henzel
We’ve recently partnered with Sucuri CloudProxy to make website security a snap. CloudProxy is a Web Application Firewall (WAF) and intrusion detection system (IDS) that sits in front of your website.
It protects from a huge variety of attacks, ranging from distributed denial of service (DDoS), SQL injection, and cross-site scripting. New vulnerabilities are found all the time, and you want a security team working for you that’s addressing threats as they arise (CloudProxy would keep you protected against Heartbleed).
Sounds great, right? Let’s set it up.
Enhancing your website with both MaxCDN and CloudProxy is straightforward. Here’s how it works:
MaxCDN uses CloudProxy as the origin server for requests
CloudProxy scans for vulnerabilities before sending the request to your website
Step 1: Setup CloudProxy
If you’re setting up CloudProxy for the first time, make sure it knows your Internal IP address, where your website is actually hosted:
In this case, the Internal IP address is 188.8.131.52.
Next, tell CloudProxy that it will be sitting behind MaxCDN. Enable the CDN option in the dashboard and select MaxCDN:
The page tells us we’ll need to set the origin IP in MaxCDN to a CloudProxy IP address (184.108.40.206).
Step 2: Setup MaxCDNIn MaxCDN, change your Pull Zone to use the CloudProxy IP as the origin.
Now, when a request is made for a resource that’s not on the CDN, it’s sent to CloudProxy, checked for security, and routed to your site.
Because there’s an extra layer of redirection to track, enable the X-Forwarded-For HTTP header in the pull zone Edge Settings:
Remember, this extra redirection only impacts the small number of requests that aren’t yet cached on the CDN.
Now you’re all set: blazing MaxCDN performance with the security of Sucuri CloudProxy.