Categories
CDN Cloud Cloudflare

How to set up Cloudflare Free CDN to your website

I wanted to explore how online providers such as Cloudflare can increase my performance and security on my website. So I am testing their CDN Content Delivery Network.

Here are the steps that I took to get set up with Cloudflare.

Step 1 – Add your website

Click on the “+Add Site” link
https://dash.cloudflare.com/add-site

Step 2 – Scanning records

Cloudflare will then scan your website. You will receive a “Scan Complete” confirmation once complete. Click on “Continue Setup” when you’re ready to go to the next step.

Step 3 – Configure your DNS Settings

This step involves changing your DNS settings.
Please visit your registrar’s dashboard to change your nameservers displayed.

The transfer process can take up to 24 hours. There will be no downtime when you switch your name servers. Traffic will gracefully roll from your old name servers to the new name servers without interruption. Your site will remain available throughout the switch.

Step 4 – Wait, confirm that everything is setup and your website is live

DNS can take from 24-48 hours to propagate. Let’s see if it’s true that the website is still live. 

Website is still live

Step 5 – Confirmation 

You should then see no more references to “Status: Pending” once it is live.

]]>

Categories
CDN Cloud Cloudflare firewall

How to set your Cloudflare firewall to simulate firewall event actions

This is a high level guide of how to set your firewall in Cloudflare to simulate firewall event actions. This means that the firewall will only take note and log events and the action it would have taken.
This is very useful when you want to customise the Web Application Firewall around your organisation’s business processes, so that you can identify and continue to allow legitimate requests to pass.
You can view this process, as looking for “false negatives”, and working backwards to customise them to your business.
Typically, these would be the options you would have within the firewall.

  • Simulate: Logs the event and does not block or challenge the visitor (you can still decide to set to a block or challenge after review of the event).
  • Block: Block will block visitors from that IP from accessing the site. 
  • Challenge: Will display a challenge (captcha) page before the visitor can enter the site.

How to set your Cloudflare to simulate firewall events

Step 1 – Go to the “Firewall” tab

Step 2 – Click on the “Web Application Firewall” sub tab

Step 3 – Make sure your Web Application Firewall is set to Off

As we are simulating firewall events, let’s first make sure your Web Application Firewall is set to Off. This is set to “Off” by default, so you can customise and switch it on when you are ready.

Step 4 – Let’s review your Web Application Firewall settings and set to Simulate

Step 4.1 – Review your “Package: Cloudflare Rule Set”

Let’s review your “Package: Cloudflare Rule Set”. You will be able to review when you click on the “Rule Details” link. It’ll expand and give you a list of the rule groups you can switch on/ off.
If you get stuck and can’t find it, copy this link below and put in your domain here.
https://www.cloudflare.com/a/firewall/YOURDOMAIN.com/waf#

Step 4.2 – Review “Package: Cloudflare Rule Set” Rule Details

You should now see a set of Cloudflare Rule Sets that you can switch on and off. 
Cloudflare Flash, Cloudflare Php, Cloudflare Specials and Cloudflare WordPress will be the rules are set to on by default. 

Step 4.3 – Explore the ruleset groups to deep dive and configure

You can click on the group name to configure each ruleset group further. You will want to do this depending on your organisation’s business needs. 
The goal here is to customise the settings so that you can get the highest possible security settings while not compromising on your normal required business operations. This is where the “Simulate” function will come in handy.

Step 4.4 – Configure your Cloudflare settings for your rulesets

Depending on your business again, you can configure your Cloudflare settings. I will use Cloudflare Flash ruleset as an example.
Once you click the Cloudflare ruleset, you will see a list of rules and options on how to configure it.
Then you can change the mode from “Default” to a preferred option. There is some details on what this “Default Mode” is in the column next to “Mode”.
For the purpose of this exercise, we will then set the Mode to “Simulate”.
Here are what the options mean:
  • Simulate: Logs the event and does not block or challenge the visitor (you can still decide to set to a block or challenge after review of the event).
  • Block: Block will block visitors from that IP from accessing the site. 
  • Challenge: Will display a challenge (captcha) page before the visitor can enter the site.
  • Disable: Will simply turn off this particular rule
Continue to do the same with the other rules and rulesets that are available. Some of these rule and rulesets you will already know how you want to configure it based on your business needs. Others, you may really want to set to simulate to make sure.

Step 5 – Review the OWASP ruleset package as well

Next, review the “Package: OWASP ModSecurity Core Rule Set” and configure it accordingly. For starting off, you can start with the simulate mode to get things started.

What is OWASP?

This package consists of rulesets derived from the OWASP ModSecurity Core Rule Set. These provide an easily pluggable set of generic attack detection rules that provide a base level of protection for any web application.
The OWASP rules operate in scoring threshold mode: each match against a rule increases the threat score of that request. Once a request exceeds a configurable sensitivity threshold (off, low, or high), the action is taken. This action can be simulate (create a log entry but do not block the request), challenge (present the user with an in-browser challenge page, and log), or block (reject the request and log).
Individual rule groups within the OWASP package can be enabled or disabled in “rule details”, after which rules can be managed at the individual rule level through the advanced option.

Step 6 – When you are ready, switch your Web Application Firewall is set to On

Step 7 – Review the Web Application Firewall results

Under the “Traffic” tab. You can scroll down until you see the “Firewall Events” section. This is where you will find the simulated, challenged firewall events.

Step 8 – Review and update settings

Keep iterating and reviewing settings until you are comfortable.

]]>