WAF Qrator
Please note that any website can be subject to DDoS attacks and hacking.
If you host your website (application) infrastructure in Selectel, we recommend that you enable WAF Qrator tamper protection.
To protect against hacking, you first need to protect the site at the network level, then protect the application — this is done by connecting Qrator protection (from both L3 and L7) and Qrator WAF.
Read more about the protection provided by Qrator in article.
WAF allows you to identify and block attacks that are on the OWASP Top-10 threat list:
- injections;
- Authentication and session management shortcomings;
- Cross-site scripting (XSS);
- unsafe direct references to XML objects and external entities (XXE);
- incorrectly configured security settings;
- access control deficiencies;
- Cross-site request spoofing (CSRF);
- unsafe deserialization;
- Use of components with known vulnerabilities;
- unchecked redirects and forwards;
- shortcomings of journaling and monitoring.
Working principle
Qrator Labs' integrated WAF solution based on SolidWall WAF, a tool to close web application vulnerabilities. As a representative of the broad class of WAF NG, this solution uses a positive model to protect web applications — but unlike others, it contains a negative query analysis model inside. This combined approach allows for a significant reduction in implementation resources. This is due to the fact that any positive model needs to be trained, this requires significant time and labor costs and takes on average 1 to 3 weeks, during which this web resource remains virtually unprotected. The integrated solution from Qrator Labs in conjunction with SolidWall WAF, which already has a negative model inside it, allows you to immediately cut off a wide class of vulnerabilities.
Cost
The service is provided pursuant to tariffs:
- Elementary WAF
- Advisory WAF
The calculation period is a calendar month. The subscription fee is charged in full on the 1st of each month. The commencement of commercial use of the service is agreed upon on an individual basis.
Traffic bandwidth is measured every three minutes. 30 maximum values per month (1.5 hours) are not counted. The 31st maximum value is the desired band value.
The amount of legitimate traffic included in the package of the provided service is 3 Mbps. If the included amount of legitimate traffic is exceeded, additional traffic is charged separately on a per-use basis.
Connect the service
On the website you can leave a connection request.
To connect WAF Qrator:
- In Control Panel, go to Network Services and click the DDDoS Protection tab.
- Click the Order Services button.
- In the list that opens, select the required service according to the selected tariff and click Pay.
- In the window that opens, specify the payment period.
- Click Pay.
Customize protection
To access your Qrator account, enter the login and password you received in the ticket.
In your personal account you can track:
- monitoring dashboards;
- display of security events with grouping support;
- displaying the log of blocked transactions.
When connecting the Advisory tariff in the personal cabinet, there is an option to enable/disable protection and false alarm suppression.
Deactivate the service
To disable the service, create a ticket.
The amount of the subscription fee is fixed and does not depend on the duration of services rendered in the reporting period.
A 30 calendar day notice will arrive in the ticket 30 calendar days prior to disconnection. Upon agreement, disconnection is possible from the 1st day of the following calendar month. Subscription fees for the current period are non-refundable.