Quttera's Cloud-Based Web Application Firewall (WAF) filters all incoming traffic to your website or application. Provided as a part of the ThreatSign! Website Anti-Malware platform Quttera's WAF blocks malicious visitors and requests like SQL injections, XSS, and other application layer attacks as well as unknown (zero-day) threats.

Quttera's unique threat detection technology powers WAF traffic filtering rules which are maintained by a dedicated team of seasoned security professionals. Our scanners are continually crawling the web and scanning millions of URLs for malware each month, and we use the information on detected threats and potentially suspicious activity to update the protection of our entire customer community immediately.

Quttera WAF proactively secures your website from cyber attacks. It monitors all incoming traffic and analyzes the requests before passing them on to your site. It filters out the traffic from known malicious resources and continuously adapts to the evolving threats to signal on new, suspicious requests. Quttera WAF is a managed service that protects from application layer attacks. Easily deployed on your backend, it complements the toolset of the vital defenses provided by the THREATSIGN! Website Anti-Malware platform to ensure all-around protection for your website.

Quttera Website Firewall | How it works

Quttera WAF protects against a wide range of application security threats including:

  • OWASP Top 10
  • Virtual Patching
  • Security Misconfiguration
  • Shell Code
  • XML External Entities
  • Vulnerability Exploit
  • Brute Force protection
  • Bots (any kind of agent filtering)
  • GEO location blocking
  • Prevent upload of malicious files
  • XSS blocking
  • Injection
  • Generic Attack

Quttera Website Firewall | Cyber Attack Protection

To protect against today's constantly evolving web-based attacks, a global ruleset is continuously updated with Quttera's threats intelligence database crowd-sourced from a worldwide network. Flexible, level-based configuration of the rules allows detailed customization according to your specific security needs. The default ruleset can be further adjusted by applying customer-level (e.g., domain-specific) rules and whitelisting based on parameters such as IP, URL, geo-data, REGEX, severity level, etc.

Quttera Website Firewall | Protection Rules

Current version of the WAF supports any web server running PHP. We plan to support other environments in later releases.

Quttera Website Firewall | WAF Configuration

  • Threat Intelligence from Quttera Labs & Heuristic engine
  • Alert only when there is a real threat
  • Updated when a new/unknown threat is detected

Quttera Website Firewall | WAF Update

Get started »

Magento Skimmer in Google Analytics Plugin | Quttera

Blog: Magento Skimmer in Google Analytics Plugin

A credit card skimmer inserts a request for credit card information and sends the response to the attacker's site. Recently we found another variant on the same trick, using the Google Analytics Pro plugin.


Finding and Stopping Malicious HTTP Redirection | Quttera

Blog: Finding and Stopping Malicious HTTP Redirection

If malicious redirects infiltrate a website, it's important to get rid of them. It's equally important to find and fix the vulnerabilities that allowed them and improve website protection.


Quttera Web Application Firewall Statistics for 2018
 | Quttera

Blog: Quttera Web Application Firewall Statistics for 2018

In the period from July through December, Quttera Firewall handled 48,180,062 requests and blocked 617,074 attacks. The majority (62%) of the attacks originated from IP addresses in the United States.


© 2019 Quttera Ltd. All rights reserved.