We’ve been implementing web firewall services here at The Byte Wizards HQ (otherwise known as WAF). There are, of course, some products that already provide this service. The first one that comes to mind is Cloudflare. The base cloudflare pro product is $20/month, which is already very close price wise to our entire set of maintenance features. So we don’t feel it’s value for money. You could try to sneak your site onto their free plan – but then tests show that whilst they block things like trying to access wp-config.php in sneak ways, they don’t block simple threats like trying to access .env files.
The next thing that comes to mind is wordfence. Again their is a free offering. But like Cloudflare it is rendered all but ineffective, this time not with bad rules but with a 30 day delay on them. Who wants to be vulnerable for 30 days? The package that wordfence recommends is a managed service at $490. Roughly double our entire set of services.
So we think we can bring value to our clients by implementing our own into our offering. Enabling us to push out new rules quickly to tackle emerging threats. Watch this space.
