Loading...

Next-Generation WAF with Intrusion Prevention

Proactive Defense Against Web Threats with Real-Time Monitoring and Automatic Blocking

Launch Plan
Kickstart Your Journey
$4.64 /month
Order now
  • TRAFFIC
    20 000 Hits / Month
  • LAYER
    Layer 7 Attacks
  • DETECTION
    Always-On Attack Detection
MOST POPULAR
Professional Plan
Optimized for Performance
$10.60 /month
Order now
  • TRAFFIC
    80 000 Hits / Month
  • LAYER
    Layer 7 Attacks
  • DETECTION
    Always-On Attack Detection
Advanced Plan
High-Traffic Mastery
$24.99 /month
Order now
  • TRAFFIC
    200 000 Hits / Month
  • LAYER
    Layer 7 Attacks
  • DETECTION
    Always-On Attack Detection
DDoS Protection

Your Cybersecurity Sentinel

Introducing the Pinkmare Cloud IPS, a next-generation Intrusion Prevention System meticulously designed to fortify your website's defenses. Employing cutting-edge detection technology, the Pinkmare Cloud IPS transcends conventional security measures by not merely filtering inputs, but by intelligently recognizing and thwarting attackers' efforts to breach your site. It operates in dual modes to cater to your security demands: 'Balanced' for solid, everyday defense, and 'Ironclad' for the ultimate protective shield against an array of sophisticated threats like XSS, SQL Injection, RCE, CSRF, and more. With Pinkmare Cloud IPS, not only is your site guarded, but it also meticulously logs attack vectors, offering you in-depth insights into the security landscape, empowering you to stay one step ahead of cyber threats


Unbreakable Uptime

Elevate your website's resilience with Pinkmare Cloud Website Firewall's High Availability feature. Our sophisticated WAF leverages a globally distributed network, ensuring that users are always routed to the nearest node for the fastest response times. With our innovative 'shadow' mode, security nodes can seamlessly transition offline for updates or maintenance, while another node takes the lead, making your firewall's location elusive to prying eyes. This strategic shuffling not only maximizes privacy but fortifies your defenses against targeted attacks. Moreover, our system boasts multi-level backups and perpetual database synchronization, maintaining robust security layers without reliance on any single provider. With Pinkmare's architecture, the website and dashboard function autonomously, ensuring that your web application remains accessible to your audience, come what may. Choose Pinkmare Cloud WAF for a steadfast, always-on protection that never sleeps, so your website won't have to either

DDoS Multi-Layers

Always DDoS Protection

Intelligent Access Control

Deploy strategic defenses with our 'Red Lines Ambush' feature, crafted to delineate the boundaries of normal human interaction and automatically intercept excessive or abnormal behaviors. Our intelligent system empowers you to set hidden thresholds — how many pages a visitor can load per minute, the acceptable number of 404 errors, and the limits on suspicious request patterns. Cross these lines, and the system springs into action, issuing temporary or permanent access denials to shield your site. But there's a catch: before an outright ban, transgressors face the ultimate gatekeeper — a CAPTCHA challenge. Leveraging the privacy-centric hCaptcha, we give genuine users the chance to prove their humanity without compromising their data privacy. It's a seamless but formidable check against bots, designed to be effortlessly passed by humans while deterring malicious automated attacks. Set your traps with Red Lines Ambush and watch malicious actors fall right into your well-laid plans, while keeping your legitimate visitors engaged and your site secure

WAF Technical Specifications

All packages, including the free version, come with access to almost all the functions and benefits.

Automatic Traffic Filtering
Attacks Protection
Monitoring and Management
Enhanced Privacy and Data Protection XSS (Cross-Site Scripting) Protection Real-time Traffic Monitoring
Custom Firewall Rules SQL Injection Protection Security event logging export
Frontend IP & CIDR Whitelisting File Inclusion Protection Visitor tracer
Frontend IP & CIDR Blacklisting Command Injection Protection Security Notifications/Alerts
Backend IP & CIDR Whitelisting CSP – Content Security Policy Security Analytics/Reporting
Backend IP & CIDR Blacklisting CSRF (Cross-Site Request Forgery) Protection Centralized Management and Monitoring
Frontend Geolocation Blocking Web Scraping Protection SSL Monitoring
Backend Geolocation Blocking MIME Type Sniffing Protection DNS Monitoring
Page Requests Rate Limiting Referrer-Policy Major Search Engines Database Accuracy
Frontend URLs and Requests Filtering HSTS IP Abuse Contacts Listing
Backend URLs and Requests Filtering Intrusion Prevention Intelligence (IPS) Web Application Vulnerability Scanning
URLs Filtering Rate Limits Captcha Challenge Simulator Mode
Search Engines & Hosts Whitelisting IP Obfuscation Detection Live World Cyber Attack Map
Search Engines & Hosts Blacklisting Score Fraud Intelligence Token-Based Authentication
SSL/TLS Encryption Enforcement
Brute Force Attack Mitigation
User Agent Filtering
Blob Background

Web Application Firewall (WAF) FAQs

Your Questions Answered: Unveiling the Layers of Security

Unpacking the WAF: What exactly is a Web Application Firewall?
  • Think of a WAF as the elite guard for your web application's security. It's not just any guard, though; it's a Web Application Firewall that stands as the gatekeeper between your site and the vast ocean of the internet. With a keen eye, it scrutinizes every bit of data passing through, blocking malicious threats while allowing legitimate traffic to flow freely. From SQL injection to cross-site scripting, a WAF is your digital shield against the cunning tactics of cyber adversaries. It's the silent protector in the background, ensuring your website remains a safe and trusted place for your visitors and customers

Hits Defined: What Counts as a "Hit" to My Web Application?
  • Picture a "hit" as a virtual hand-raise every time someone asks to see your web app. It's a signal that shoots over to Pinkmare Cloud Firewall, like a guest at a checkpoint, seeking permission to proceed. When Pinkmare Cloud Firewall gives a nod of approval, that's a hit recorded — it's essentially one page request or application interaction from a user.

    Now, it's like a tally counter; these hits accumulate, keeping count against your plan's limit. But don't worry about the little actions like internal crons; they're not part of this headcount.

    What happens when your hit counter maxes out? Well, Pinkmare Cloud Firewall takes a step back. It won't apply your ruleset rigorously, adopting a more laissez-faire approach, allowing IP requests through without strict checks. But you'll see it all — initial to final hits, like a story of visits, right there on your dashboard.

    And about those limits — they're set to be generous, well above what a bustling site sees in an average month. This cushion is your safeguard against sudden surges — perhaps a viral moment or an unwelcome bot swarm. If a spike in hits has you brushing up against your plan's ceiling, Pinkmare Cloud Firewall doesn't just flash a warning light; it's your cue to dive into the dashboard and play detective. Is it fame, is it a fluke, or is it foul play? Either way, Pinkmare Cloud Firewall got your back, ensuring you're covered and clued in.

Do you offer trial?
  • Sure we offer trial for this product in order to let you explore it. In order to start your trial please click HERE

Setting Up for Security: What Does It Take to Implement Pinkmare Cloud Website Firewall?
  • Getting started with Pinkmare Cloud Website Firewall is a breeze, thanks to PHP — the web's favorite scripting language. Our service is crafted for high compatibility, slotting in with the majority of hosting servers out there. If your site's engine is PHP-powered, and let's face it, with most of the web on PHP that's likely, you're practically ready to roll. This includes all the popular platforms like WordPress, Drupal, Joomla, and shopping carts like PrestaShop, Magento, and WooCommerce — they're all in the PHP family.

    Even if your website is a gallery of static HTML pages or coded in other languages like ASP or Python, you're not left out. All you need is a hosting service that speaks PHP, and you're set to integrate our robust firewall seamlessly.

    Keep in mind, our hands-on support is ready and waiting for clients who plug into our system on native PHP servers. So if you're all about PHP, we're all about protecting your site. It's that simple.

Navigating Traffic: How Does Pinkmare Cloud Website Firewall Treat Search Engines and Major Websites?
  • In the digital highway, search engines and major websites are like VIPs, and Pinkmare Cloud Website Firewall knows to roll out the red carpet. Our system is on top of things, refreshing the guest list multiple times daily to recognize the VIPs of the web world. This list is extensive, featuring a constellation of trusted names like Googlebot, Bing, Facebook, Yahoo, Yandex, LinkedIn, Exalead, DuckDuckGo, Blekko, Baidu, and Pinterest, to name a few.

    But what if you've got VIPs of your own you want to add to the list? Or perhaps there's someone you'd rather not grant all-access? Pinkmare makes it a snap to customize your list. Drop them into your Firewall ruleset, and they're in or out — instantly, no bouncer required. You call the shots, ensuring only the traffic you trust gets the VIP treatment.

Securing the Gateway: Blocking VPN, Proxy, Tor, and Bad IP Users?
  • In the quest for website security, the question isn't just about who comes in but also how they arrive. Imagine your website as a secure facility, and among your visitors, some choose to wear disguises — like VPNs, proxies, and Tor. These tools, while legitimate in certain contexts for privacy protection, can also serve as cloaks for less savory internet activities, including access to the dark web, where users shield their identities behind Tor's exit nodes, or through proxies and VPNs that mask their true IP addresses.

    Then, there are the masqueraders — fake crawlers pretending to be reputable search engines, and IP addresses known for launching attacks. It's a mixed bag, and while the intention might not always be malicious, the potential risk can't be ignored.

    Just as you wouldn't welcome masked strangers into your home without question, it's prudent to be cautious about who you let into your digital space. Blocking connections from these sources can significantly reduce the risk of attacks and unwanted scrutiny, ensuring that those who walk through your digital doors are more likely to be there for the right reasons. However, it's essential to strike a balance, ensuring that genuine users aren't caught in the net. Vigilance is key, but so is accessibility.