Important note: If you are going to enable multiple CloudFlare security applications for your domain, keep in mind that they may interfere with one another or conflict with an existing security plugin in your installation. If your site is not working as expected, disable the CloudFlare application that you most recently enabled, or uninstall the plugin that is conflicting with CloudFlare. Also, if a plugin in your installation blacklists the IP addresses of any of the applications mentioned below, you will have to whitelist them manually or contact your host.
1. A Better Browser: If your blog visitors are using an older version of a web browser like Google Chrome, Internet Explorer, Mozilla Firefox, Opera, Safari etc., then this CloudFlare application will add a text message at the top of their browser telling them that they are using an outdated browser:
The message will also point your visitors to a website where they will be able to download the latest version of the browser that they are currently using. You can also style the message as per your site’s background color and visual appearance.
2. STOP the Hacker: This is a paid add-on application for your CloudFlare account which detects and protects your website from known and unknown malware/hackers. The service can scan your entire installation for malicious code and, if it finds any, it can automatically remove the code from your installation.
At the time of writing, the service offers the following plans to everyone:
- Reputation Monitoring: $2.95 per month.
- Basic: $8.95 per month.
- Professional: $17.95 per month.
- Business: $44.95 per month.
When you buy a paid plan from the service, it will include the following features:
- Website Reputation Monitoring and Blacklist check using popular services like Spamcop, Bing, Google, Yahoo, Phishtank, Web of Trust (WoT) etc.: The service will monitor the database of various spam checking services and will notify you if your site has been blacklisted by any one of them, so that you can take proper measures (with the help of your host) to whitelist your site again.
- Uptime monitoring and reports for your site: If your site is down due to some ongoing maintenance of your server/data center or due to network connectivity failure, then the service will notify you about the downtime almost instantly.
- Vulnerability Scan: The service will scan your installation for possible vulnerabilities, such as an older version of your site’s CMS, or scripts or plugins with security issues. Such vulnerabilities leave your site exposed to hacking attempts.
- Trust seal: The service will provide you with a Trust Seal that you can use with your website. This will show your visitors that your website’s identity is verified and they can browse your site without facing any security issues. Trust Seal can be considered highly useful if you are running an e-commerce site.
3. SiteLock: SiteLock is another paid add-on application in your CloudFlare account which provides your site with a trust seal that you can display to your visitors/customers:
The service protects your online reputation by constantly monitoring your site for active malware, Cross Site Scripting (XSS) attacks, SQL injection and other types of sophisticated attack techniques.
SiteLock actively scans your website as well as your network for vulnerabilities. It also monitors search engines and other blacklists to make sure that visitors worldwide can view your website without any problem.
At the time of writing, the service offers the following plans to everyone:
- Premium: $19.99 per month.
- SMB enterprise secure: $29.99 per month.
The above plans allow you to actively monitor your site for:
- SQL injections
- XSS Attacks
- Third Party Applications like plugins, modifications etc.
- Malware like Viruses, Adware, Spyware etc.
You will get instant alerts and email notifications from the service, if it finds anything critical/fishy. Either you can get rid of the problem yourself manually or you can make use of SiteLock’s on demand experts, who can help you with almost all security issues that your site is currently having. Once you have purchased a plan from SiteLock, you can access your dashboard using this link: https://secure.sitelock.com/login.php.
CloudFlare also allows you to choose the location where you’d like to show the trust Seal. It can be either in the bottom right or on the bottom left corner of your site:
4. ScrapeShield: ScrapeShield is a free add-on application for your CloudFlare account which protects your website’s content (text, images etc.) from being plagiarized on other websites.
Page content protection: When you enable this feature of the add-on, it will constantly monitor each and every page in your blog and will notify you when someone plagiarizes your content. The service will also let you know the URL where your content has appeared, so that you can take proper actions like going for DMCA (Digital Millennium Copyright Act) complaint with Google and web host of the offending domain.
In case you want to track more pages outside your WordPress blog, but within the same domain, then all you need to do is to enter the following comment in the HTML template of the pages which you’d like to track:
Block Pinterest: Pinterest is a popular website which is used to share images with a person’s followers, friends and other people. Suppose you are a professional photographer and you have hosted all your photographs in your WordPress blog. If you do not want your photos to appear on Pinterest, all you need to do is to turn on the slider next to Block Pinterest, and ScrapeShield will automatically add the following snippet to each and every page of your website, which instructs the service not to use content from your blog:
<meta name="pinterest" content="nopin" />
Tip: If you know how to code or edit theme files of your blog, then you can also insert the above snippet manually in your WordPress theme (possibly in header.php).
Email obfuscation: Email address harvesters (web bots) are always crawling the web to collect new email addresses, which are then sent bulk spam. If your blog has a contact page and you have posted your email address there in plain text, then chances are very high that these bots will pick up your email address sooner or later. The email obfuscation service from ScrapeShield scrambles your email address so that it becomes invisible to the bots, but remains visible to legitimate human visitors:
Hotlink protection: Suppose you are a wildlife photographer and you have posted many high-quality images of various animals (fellow earthlings) in your blog. Now someone starts embedding these images in his site, and as a result your hosting/CDN account’s bandwidth gets affected. Stealing the bandwidth of someone else’s account by embedding their images is known as hotlinking, and ScrapeShield can help you prevent hotlinking of all major image file extensions viz. PNG, JPEG, GIF etc.
Turn the slider next to Hotlink protection to the ON position. After this, if someone tries to embed your images in his site, he will always see a broken image file like this:
How to bypass hotlink protection: Suppose you have 2 domain names viz. pqr.com and xyz.com, and you have enabled hotlink protection for pqr.com. If you want to use certain images of pqr.com on xyz.com, create a folder named hotlink-ok in the root directory of pqr.com and host in it all the images that are allowed to be hotlinked. ScrapeShield will allow all the images in that folder to be hotlinked.
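The hotlink rule described above, written out as an added example (this is not CloudFlare's or ScrapeShield's code). It assumes the check is based on the Referer header and that requests with no Referer are allowed; the function name and the sample hosts are illustrative.

```javascript
// Added illustration: referer-based hotlink check with the hotlink-ok exemption.
const PROTECTED_EXT = /\.(png|jpe?g|gif)$/i;  // image types named in the article
const EXEMPT_PREFIX = '/hotlink-ok/';         // folder the article says is exempt

// Returns 'allow' or 'block' for a request made to `siteHost`.
function hotlinkDecision(siteHost, requestPath, referer) {
  let path;
  try {
    // Normalise first, so "/hotlink-ok/../photos/x.png" is judged as "/photos/x.png".
    path = new URL(requestPath, `https://${siteHost}`).pathname;
  } catch {
    return 'block';
  }
  if (!PROTECTED_EXT.test(path)) return 'allow';     // not a protected image
  if (path.startsWith(EXEMPT_PREFIX)) return 'allow'; // explicitly shareable
  // Assumption: direct visits and privacy tools send no Referer, so allow them.
  if (!referer) return 'allow';
  let refHost;
  try {
    refHost = new URL(referer).hostname.toLowerCase();
  } catch {
    return 'block';                                   // malformed Referer
  }
  const site = siteHost.toLowerCase();
  // Exact host or a real subdomain; a bare suffix test would accept "evilpqr.com".
  const sameSite = refHost === site || refHost.endsWith('.' + site);
  return sameSite ? 'allow' : 'block';
}

// Constructed requests using the article's pqr.com / xyz.com example.
console.log(hotlinkDecision('pqr.com', '/photos/lion.png', 'https://xyz.com/gallery'));
console.log(hotlinkDecision('pqr.com', '/hotlink-ok/lion.png', 'https://xyz.com/gallery'));
```

The Referer header is supplied by the visitor's browser, so a check like this stops images from being embedded in other pages; it is not access control for the image files themselves.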
5. GamaSec: GamaSec is a paid CloudFlare add-on which makes use of cloud computing to scan your website for vulnerabilities, XSS, SQL injection, Cross frame scripting, command execution, code injection etc. The service is currently providing everyone with the following plans:
- GamaWare: $7.99 per month.
- GamaScan: $16.99 per month.
- GamaShield: $23.99 per month.
The service also provides you with a trust seal which gives your visitors/customers complete peace of mind, as they will be assured that they are browsing/making transactions on a secure site.
6. CodeGuard: CodeGuard is not a security add-on, but it is worth mentioning in this section because it allows you to back up your entire website to an off-site server. The service automatically opens a connection with your server once every day and compares your website files with the previous backup to determine how many and which files have been added, changed or deleted since then.
The service can also restore your entire site almost instantly if something goes wrong. For example, if a hacker manages to delete all your files and directories from your server, then you can recover all of them using the last backup made by the service. Also, if many files on your server have been infected with malicious code, then you can overwrite all of them with a clean version using CodeGuard’s previous backup.
For restoring your website files and folders, all you need to do is to select which backup you would like to restore and after that you can either perform a manual restore by downloading a zip file of your entire backup or automatically restore your whole site using the one click restore feature provided by CodeGuard. In case you do not want to restore everything, then you can also select and restore individual files as per your requirements.
At the time of writing, CodeGuard offers the following plans to everyone:
- $5/month Personal Plan: This plan allows you to add one website to your CodeGuard dashboard. It can be considered best for bloggers and novices who want to try the service. The plan comes with daily backup and monitoring, 5 GB of backup space and full email support.
- $99/month Professional Plan: This plan can be considered useful for designers, small businesses and developers. It gives you 125 GB of backup space in total and allows you to add 25 sites to your dashboard. All your websites will be monitored regularly and the backup will be created on a daily basis. You are also entitled to email and phone support from the service, some advanced security features, client access and reporting.
- $299/month Enterprise Plan: This plan can be considered suitable for large businesses as it allows you to add 100 websites to your dashboard and gives you 500 GB of backup space. Once added, all your websites will be fully monitored and a daily backup will be created. You are also entitled to email and phone support from the service, some advanced security features, client access and reporting.
Notes about CodeGuard backup service:
- The service will constantly check for files that have been changed since the last backup. If it detects changes in certain files, then only those files will be automatically transmitted to CodeGuard’s servers, either via FTP or SFTP. This greatly reduces your server’s bandwidth consumption and resource usage.
- At the time of writing, the service can only back up MySQL databases. You are also required to contact your host and ask them whether it is necessary to whitelist CodeGuard’s IP addresses on your server. If their answer is YES, then contact CodeGuard’s support and they will provide you with a list of IP addresses.
- The service stores your backup on Amazon’s Simple Storage Service aka Amazon S3, which is a highly reliable and widely used cloud storage service from Amazon.com.
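The daily comparison against the previous backup, and the changed-files-only transfer from the notes above, can be pictured with this added example (not CodeGuard's code). It assumes files are compared by SHA-256 digest; the file names and contents are constructed.

```javascript
// Added illustration: find added/changed/deleted files between two snapshots.
const crypto = require('crypto');

// Constructed sample snapshots: path -> file contents (stand-ins for real files).
const previousBackup = {
  'index.php': '<?php require "wp-blog-header.php";',
  'wp-config.php': '<?php define("DB_NAME", "blog");',
  'uploads/lion.png': 'PNG-bytes-v1',
};
const currentSite = {
  'index.php': '<?php /* injected line */ require "wp-blog-header.php";',
  'wp-config.php': '<?php define("DB_NAME", "blog");',
  'uploads/unknown.php': '<?php /* file nobody remembers uploading */',
};

// Map each path to the SHA-256 digest of its contents.
function buildManifest(files) {
  const manifest = new Map();
  for (const [path, data] of Object.entries(files)) {
    manifest.set(path, crypto.createHash('sha256').update(data).digest('hex'));
  }
  return manifest;
}

// Compare two manifests. Only "added" and "changed" need to be transferred;
// all three lists are worth reviewing for edits nobody on the team made.
function diffManifests(oldM, newM) {
  const added = [], changed = [], deleted = [];
  for (const [path, digest] of newM) {
    if (!oldM.has(path)) added.push(path);
    else if (oldM.get(path) !== digest) changed.push(path);
  }
  for (const path of oldM.keys()) {
    if (!newM.has(path)) deleted.push(path);
  }
  return { added: added.sort(), changed: changed.sort(), deleted: deleted.sort() };
}

const report = diffManifests(buildManifest(previousBackup), buildManifest(currentSite));
console.log(report);
```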