How the TrueShield Firewall Works

How The TrueShield Firewall Works

Please note that the following assumes the firewall is setup and correctly configured.

1. A user enters the url for your website in their web browser.

2. The browser is then redirected to our firewall servers. The data is then sent to our firewall.

3. The firewall checks for any security rules in your settings that are being broken. This can include a user from a blocked country, blocked IP, bad bots, and also security risks identified by the OWASP Top 10 which include cross-site scripting, SQL injection attempts and others.

4. From here, there are two things that can happen to the user depending on what the firewall determined:

If it is determined the user breaks your security rules, that user is blocked from proceeding to your website and is given a SiteLock page.

If it is determined the user is not breaking your security rules, the user proceeds to step 5.

5. The user is then forwarded from our firewall to your website’s IP address. The IP address that the user is forwarded to is the one that is in your firewall settings under the “General Settings” section. You must update the site IP if your website ever moves hosts or servers. For more information on this, please see the “Firewall Settings” section.

6. The Firewall actively protects the user while on the website. If there are cross-site scripting or SQL injection vulnerabilities in the site, the firewall will redirect the user to a SiteLock error page noting what happened.

This may also happen when making changes to your website if the firewall determines the code you updated contains a vulnerability. For more information on this, please see the “Firewall FAQ”  section.

If you are seeing a SiteLock error page, please see the “Common Firewall Errors” section.