More features, faster sorftware, and Wordpress WAF support

  • Wednesday, 6th January, 2021
  • 00:00am

As we close the books on a very "unique" year, providing us with many unexpected challenges, our R&D team has managed to finish some exciting new features. As always, we made many improvements to our Qbine infrastructure, and the client area received some much-needed upgrades. We addressed the overall "look and feel" (user experience) of the Qbine pages, added a ton of additional information, instructional videos, and help texts.

As hinted in our previous changeblog, we have focussed on insights, creating new dashboards on how our services make your websites and infrastructure more secure and optimize the user experience at the same time. Numerous graphs are added by our team throughout the client area, with many more planned. Our goal is to monitor anything that moves, or at some point in time, might decide to start moving.

We are also releasing the first feature of our "management reports" feature. It currently reports on the usage and performance of the Qbine services. Soon we will add all Serverius services, creating a unified report on everything of interest to our users, from the watts of power usage in your racks to the number of blocked requests by the WAF.

With our Qbine services' popularity, the volume of malicious traffic our infrastructure has to filter has increased dramatically. We have received several "unexpected stress-tests" that our servers filtered without much trouble. Through analyzing these events, we determined several improvements and new features to optimize our resilience further. An important new feature is a dynamic blacklist for badly behaving bots. By temporarily adding these bots to a blacklist, we do not waste resources on requests that would be blocked anyway. This data will be fed back into our IP reputation system for longer-term actions when required. The IP reputation system will receive a major overhaul next year and is a topic for a future blog.

Our ever-growing database of WAF rules has proven invaluable in protecting our clients' websites. There is always the risk of a false-positive, which could block legitimate traffic. A user can verify blocked requests in the logging dashboard, and we added a new button to disable a rule with just a single click from this overview. We are also working on "rule templates" for popular web applications to make it even easier to optimize the configuration. For WordPress, this is already live.

The Qbine HTTP(S) proxy has received many small increments and fixes "behind the scenes". These do have noticeable effects, proven by a recent update that cut the added latency by 50% in some cases! Improved support for non-UTF8 charsets has also been added, with an almost endless list of other small improvements.

Lastly, our "Let's Encrypt" backend has learned a few new tricks. One of the more exciting ones is the ability to automatically switch "Let's Encrypt" accounts for our most demanding users. This increases the number of certificates that can be automatically requested dramatically and makes sure no certificates are left behind.

Our team has already started work on many more exciting features that will be the topic for the next blog. Stay safe, and we keep in touch.

« Back