The first thing I learned amazed me: Joomla 1.6.x to 2.5.2 suffered from a “privilege escalation” exploit that allowed hackers to create a super administrator in two simple steps. I was surprised, because none of my earlier tips cover this exploit till 2.5.3. So if you haven’t already upgraded to the latest Joomla version – do so ASAP!
Incapsula presented this exploit in the JWC session as an example of one vulnerability against which they protect Joomla websites. They know about it because they have a team of security analysts scanning for new vulnerabilities, creating custom security rules that identify attempts to exploit these vulnerabilities, and instantly blocking all exploit attempts on all websites under their service.
What’s Incapsula, and Why Do I Care?
Incapsula is a cloud service that protects and accelerates any website (notably, Joomla-based sites), without changing the site or requiring any hardware/software installation. All you do is make a simple DNS switch, and your site is accessible through their global network of servers.
Incapsula basically acts as an intermediary between your site and your visitors - delivering your content from the nearest location in its network to your visitors, and filtering malicious traffic. These services were once available only to the big websites, the ones that could afford the time and expense of setting them up. Incapsula’s cloud-based service is WAY affordable (they even have a free plan) and it takes 5 minutes to set up.
Previously, you could only join Incapsula and manage your account through their website. But recently they announced the release of an extension for Joomla, a new back-end component that allows Joomla website owners to sign up for Incapsula and manage their website security and performance from the Joomla admin area.
This intrigued me, so I gave this extension a test drive. Here’s how it works.
Step by Step: Get Started
- Download and install the Incapsula extension.
- After you install the component, go to your components menu, and find Incapsula.
- Create an account, filling in your email, and choosing the domain you want to add to Incapsula (the default domain is that of your Joomla admin, but you can change this).
- If you’re already registered for the service, you can log in by clicking the “Click here to Login” link.
- Next you’ll get instructions to make a simple change in your DNS records. Don’t worry – there’s no risk, and no chance of slowing your site or causing downtime.
- Once your DNS changes are completed, you’ll get access to Incapsula’s Dashboard.
The Incapsula Dashboard
When you sign up for Incapsula as described above, you automatically get access to their free plan (unless you need SSL support, which requires upgrading). The free plan dashboard has three sections:
Here you get insights about traffic to your site, and visitor stats showing both Bot and Human traffic (Google Analytics, for example, shows only Humans).
Incapsula’s free plan protects from “bad bots” like spammers, scrapers, vulnerability scanners, fake registrations, etc. Incapsula’s ‘Business’ Plan adds a PCI-certified Web Application Firewall to protect against SQL Injection, Cross Site Scripting, and other malicious hacking attempts. The service also includes protection from network and application DDoS attacks.
The Threats table shows you exactly what attacked your website and whether it was blocked. For each security incident, you can view a detailed session report and change the settings (blacklist/whitelist IPs, user agents, countries, etc.).
CDN and Optimization
Incapsula accelerates websites by:
- A global CDN (Content Delivery Network), which brings the website’s content closer to the visitors.
- Content Optimization, including minification, compression, and connection optimization.
- The CDN statistics section shows you how many requests and how much bandwidth you saved, and the traffic distribution by data center.
Note that the Joomla component only shows a part of the data Incapsula maintains about your website. In all three component sections, there are links to Incapsula’s web app, where you can get more info and reports on your website traffic, security and performance.
Incapsula’s component is a great way to get free website protection and acceleration, and manage it all from the Joomla admin. This not only improves website performance and availability – but also saves time, as you don’t have to upgrade your Joomla version or install a patch each time a new vulnerability is found.
In addition, if you develop and maintain Joomla websites, the service can provide great added value to your customers. Incapsula also offers a reseller plan where you can add your customers’ websites under your reseller account. Their service also has simple integration solutions for hosting providers, which allow you to add Incapsula services to your hosted websites in one click. This not only protects and boosts your customers’ sites, but actually saves you bandwidth and reduces your support overhead. This is the reason I’ve started to use it on the Israeli Joomla Community website.