Website Security

Incapsula provides every website, regardless of its size, with enterprise-grade website security. Incapsula’s security expertise is based on years of experience from Imperva (Incapsula’s parent company), the leading provider of security solutions for world class enterprise sites. This core security technology has been adapted to a new cloud platform, and optimized to support websites of all sizes. Incapsula enhances security through real-time and centralized collaboration, does not require advanced security expertise and can be setup within minutes.

Incapsula’s extensive security capabilities include:

Bad Bot Blocking

With an average of 50% of websites' traffic being non-human, you do not want to leave the "front door" of your website open. Your website can suffer from bad bots and attacks as comment spammers, vulnerability scanners, content theft, fake registrations, etc. and slow performance due to server load.

Incapsula's Bot Access rule allows you to control which bots can access your web site. There are three types of bots that Incapsula considers:

	Good Bots These are bots such as Google’s search bots or Pingdom which are operated by well-known and commonly-used services. Incapsula’s client classification engine identifies these bots and allows them to access your site.
	Bad Bots These include comment spammers, SQL Injection worms and vulnerability scanners and other malicious bots that are positively identified by Incapsula.
	Suspected Bots In many cases, these bots are used by service providers that have not yet been classified by our classification engine. In other cases these could be browsers behind proxies or obfuscation devices that were misclassified by Incapsula. Incapsula will require an additional CAPTCHA security check for any suspected bot, so only human visitors can pass.

• Granular Website Access Control
  With Incapsula you can easily add an IP address, IP ranges, user agents or entire countries to your Trust and Block list. You can also decide to challenge all other suspected bots

• Instant SSL Security
  Incapsula protects your SSL traffic with a simple 5-minutes setup process. By doing so, both connections, to Incapsula and from Incapsula, are encrypted with no changes required to your existing website configuration.

• Web Application Firewall (WAF) (available for paid plans only)
  Incapsula’s PCI-certified Web Application Firewall provides protection against all the OWASP top 10 threats including: SQL injection, cross site scripting (XSS), illegal resource access and remote file inclusion. Read more

How does it all work? Incapsula’s unique website security model is comprised of several elements that together provide a holistic and robust defense mechanism against online threats:
	Visitor Identification Incapsula’s client classification engine identifies bots such as Google’s search bots or Pingdom which are operated by well-known and commonly used services, and allows them to access your site.
	Request Inspection In addition to profiling and identifying each visitor, Incapsula uses behavioral analysis and other technologies to inspect the content of each request in order to detect malicious requests.
	Crowd Sourcing Incapsula and its experienced security team constantly detect new bots and threats that arise against any website on the network. Once identified, these requests are blocked for both the particular website and the entire community. This means that Incapsula continually learns, and that every site, regardless of size, makes the system smarter.
	Application Awareness Incapsula has compiled a growing a database of all the common website Stacks, Content Management Systems and eCommerce solutions and applies dedicated security rules to proactively remediate known vulnerabilities from these sources. This lowers the need for every website owner to customize their security policy according to their specific website infrastructure.

IP Address  shielding When using Incapsula, no one will know your real server’s IP address, preventing access to it through SSH, FTP, Telnet and other methods.

Detailed threat analysis Get a detailed analysis of every threat that was posed to your website including: IP address, user agent, location, and other session information.

Reduced bandwidth and better server              utilization By blocking undesired access to your websites, you will reduce your overall bandwidth and load on your servers.