CMS & Application Integrations
Optimizing Database Connections
Last Updated: December 7, 2025Securing Your Database Credentials The database is the most valuable target. Always ensure: Strong Passwords: Never use simple passwords for your database user accounts. Remote Access: By default, remote database access is blocked. If required, only allow access from specific, secure IP addresses (managed in cPanel). Database Optimization and Health Slow database queries directly impact your site speed and increase CPU usage. Clean Up: Regularly remove unnecessary data, old transients, and spam comments. Optimization Tool: Use the built-in “phpMyAdmin” tool in cPanel to select your database and run the “Optimize Table” command periodically. Indexing: Ensure large tables have proper indexes configured to speed up common queries. Database Backups Your daily full backups (Article 11) include the entire database. If you need to restore only the database, contact support for a granular restore request.
Customizing WAF for Custom PHP/Legacy Applications
Last Updated: December 7, 2025The Challenge of Custom Applications Custom PHP or legacy applications often lack the built-in security hardening of major CMS platforms. The WAF provides a vital security blanket for these applications. Custom WAF Rule Tuning For custom applications, you may need bespoke WAF rules: Endpoint Whitelisting: If your application uses unique URLs or unusual parameters, contact support. We can create specific exceptions to prevent false positives without weakening overall protection. Session Security: Ensure your application handles sessions securely (e.g., using secure cookies and regenerating session IDs). The WAF can help identify attempts at session hijacking. Maximizing Security Logging For easier debugging and security analysis: Enable Detailed Logging: Ensure your application logs all failed login attempts and API errors. Correlate Logs: Use your application logs in conjunction with the CyberWAF logs (in cPanel) to determine if a block was WAF-initiated or an application error.
Securing WooCommerce and E-commerce Platforms
Last Updated: December 7, 2025Prioritizing E-commerce Security E-commerce sites are high-value targets. Our E-commerce WAF Plan includes the fastest malware removal SLA (1-hour response) to minimize revenue loss during an incident. WAF Protection for the Transactional Layer Our WAF rules are specifically tuned to protect high-risk areas of an online store: Cart and Checkout Protection: WAF rules analyze POST requests to cart and checkout URLs, blocking common attacks aimed at harvesting customer data or crashing the transaction process. Payment Gateway Integration: Ensure your payment gateway uses HTTPS (secured by your CyberWAF SSL). We protect the communication channel to and from the payment processor. Performance Tips for Peak Traffic Caching Exclusions: Exclude the cart, checkout, and my-account pages from aggressive caching to prevent showing stale data, but ensure product pages are heavily cached for speed. Dedicated Resources: E-commerce sites benefit most from the higher dedicated CPU and RAM provided by the Business or E-commerce plans to handle concurrent transactions.
Integrating WAF with WordPress and Other CMS
Last Updated: December 7, 2025WAF Compatibility Guarantee The CyberWAF Platform is built for universal compatibility. Our WAF works at the infrastructure level, meaning it secures your application regardless of whether you are running WordPress, a custom PHP application, or a static site. Essential WordPress Security Steps While the WAF protects the front door, internal application hardening is still crucial: Plugin Management: Only install necessary plugins. Delete unused plugins and themes immediately. Regular Updates: Ensure the WordPress Core, themes, and plugins are always updated to the latest version to prevent exploitation of known vulnerabilities. Hiding Login Page (Optional): Use a security plugin to rename the default /wp-admin login URL to reduce brute force login attempts. Troubleshooting CMS Login Errors If you encounter issues logging into your CMS immediately after a WAF installation: Check False Positives: Refer to Article 7 and temporarily whitelist your static IP to ensure the WAF is not blocking your login attempts. File Permissions: Ensure your WordPress files and folders have the correct permissions (755 for folders, 644 for files).