WAF Qrator
Please note that any website can be subject to DDoS attacks and hacking.
If you are hosting your website (application) infrastructure in Selectel, we recommend that you activate tamper protection WAF Qrator.
To protect against hacking, you first need to protect the site at the network level, then protect the application — this is done by connecting Qrator protection (from both L3 and L7) and Qrator WAF.
Read more about the protection provided by Qrator in article.
WAF allows you to identify and block attacks that are on the OWASP Top-10 threat list:
- injections;
- Authentication and session management shortcomings;
- Cross-site scripting (XSS);
- unsafe direct references to XML objects and external entities (XXE);
- incorrectly configured security settings;
- access control deficiencies;
- Cross-site request spoofing (CSRF);
- unsafe deserialization;
- Use of components with known vulnerabilities;
- unchecked redirects and forwards;
- shortcomings of journaling and monitoring.
Principle of operation
Qrator Labs' integrated WAF solution, based on SolidWall WAF, is a tool to close web application vulnerabilities. As a member of the broad WAF NG class, this solution uses a positive model to protect web applications — but unlike others, it contains a negative query analysis model inside. This combined approach allows for a significant reduction in implementation resources. This is due to the fact that any positive model needs to be trained, which requires significant time and labor and takes on average 1 to 3 weeks, during which time the web resource remains virtually unprotected. The integrated solution from Qrator Labs together with SolidWall WAF, which already has a negative model inside it, allows you to immediately cut off a wide class of vulnerabilities.
Cost
The service is provided according to tariffs:
- Elementary WAF
- Advisory WAF
The billing period is a calendar month. The subscription fee is charged in full on the 1st day of each month. The start of commercial use of the service is agreed individually.
The traffic bandwidth is measured every three minutes. The 30th maximum value in a month (1.5 hours) is not counted. The 31st maximum value is the desired bandwidth value.
The amount of legitimate traffic included in the service package is 3 Mbps. If the included amount of legitimate traffic is exceeded, additional traffic is paid for separately upon use.
Connect the service
On site you can leave a request for connection.
To connect WAF Qrator:
- In control panels go to Network services tab DDoS protection.
- Press the button Order services.
- In the list that opens, select the required service according to the selected tariff and press the button Pay.
- In the window that opens, specify the payment period.
- Press the button Pay.
Set up protection
To access your personal account Qrator enter the login and password you received in the ticket.
In your personal account you can track:
- monitoring dashboards;
- display of security events with grouping support;
- displaying the log of blocked transactions.
When connecting the Advisory tariff in the personal cabinet, there is an option to enable/disable protection and false alarm suppression.
Deactivate the service
In order to disconnect the service, file a ticket.
The amount of the subscription fee is fixed and does not depend on the duration of services rendered in the reporting period.
30 calendar days before the disconnection, a corresponding notification will be sent in the ticket. Upon agreement, disconnection is possible from the 1st day of the next calendar month. Subscription fee for the current period will not be refunded.