Quttera's Cloud-Based Web Application Firewall (WAF) filters all incoming traffic to your website or application. Provided as a part of the ThreatSign! Website Anti-Malware platform Quttera's WAF blocks malicious visitors and requests like SQL injections, XSS, and other application layer attacks as well as unknown (zero-day) threats.

Quttera's unique threat detection technology powers WAF traffic filtering rules which are maintained by a dedicated team of seasoned security professionals. Our scanners are continually crawling the web and scanning millions of URLs for malware each month, and we use the information on detected threats and potentially suspicious activity to update the protection of our entire customer community immediately.

Quttera WAF proactively secures your website from cyber attacks. It monitors all incoming traffic and analyzes the requests before passing them on to your site. It filters out the traffic from known malicious resources and continuously adapts to the evolving threats to signal on new, suspicious requests. Quttera WAF is a managed service that protects from application layer attacks. Easily deployed on your backend, it complements the toolset of the vital defenses provided by the THREATSIGN! Website Anti-Malware platform to ensure all-around protection for your website.

Quttera Website Firewall | How it works

Quttera WAF protects against a wide range of application security threats including:

  • OWASP Top 10
  • Virtual Patching
  • Security Misconfiguration
  • Shell Code
  • XML External Entities
  • Vulnerability Exploit
  • Brute Force protection
  • Bots (any kind of agent filtering)
  • GEO location blocking
  • Prevent upload of malicious files
  • XSS blocking
  • Injection
  • Generic Attack

Quttera Website Firewall | Cyber Attack Protection

To protect against today's constantly evolving web-based attacks, a global ruleset is continuously updated with Quttera's threats intelligence database crowd-sourced from a worldwide network. Flexible, level-based configuration of the rules allows detailed customization according to your specific security needs. The default ruleset can be further adjusted by applying customer-level (e.g., domain-specific) rules and whitelisting based on parameters such as IP, URL, geo-data, REGEX, severity level, etc.

Quttera Website Firewall | Protection Rules

Current version of the WAF supports any web server running PHP. We plan to support other environments in later releases.

Quttera Website Firewall | WAF Configuration

  • Threat Intelligence from Quttera Labs & Heuristic engine
  • Alert only when there is a real threat
  • Updated when a new/unknown threat is detected

Quttera Website Firewall | WAF Update

Get started »

Annual Website Malware Report 2016 | Quttera

Blog: Legitimate Code Wrappers & Malware

Incident response insights: Backdoor malware wrapped using the legitimate online obfuscator to bypass the security monitoring.


Annual Website Malware Report 2016 | Quttera

Blog: Vulnerable WordPress Newspaper Theme

Clean up the 'WordPress NewsPaper theme malware' and protect your website from the similar attacks.


Annual Website Malware Report 2016 | Quttera

Blog: Hardening WordPress Website

What are the 6 best practices you could implement Today to protect your WordPress website from hackers?


© 2019 Quttera Ltd. All rights reserved.