There are two things that bloggers, website owners, and small businesses often overlook at, and that is website security and performance. While it is understandable that some may neglect the need for speed, security on the other hand should be one of the top priorities in any webmaster or site owner’s list. With the ever increasing threat of sites being “attacked”, it is more important than ever to ensure that you got as much defenses as possible to block these menaces, specially for WordPress powered sites.
Performance on the other hand is to improve users experience. Study’s has proven that users no longer have patience in waiting for a site to fully load. Just for you to have an idea, 25% of users in America tend to leave a site that takes more than 4 seconds to load. That’s a scary thought and we all know that bad user experience is bad for SEO. If you are interested, make use of this tool to see how your site is performing.
The Ideal Situation
Well, there is no such thing as the “perfect solution”, but being as close to it as possible, is definitely of great interest. What if I told you, that you can increase your websites performance while also increasing your defenses for possible online threats? That would be a nice recipe, would it not?
Enter Incapsula Cloud Based Security …
About a year and a half ago, I wrote a post about Incapsula. Incapsula is a service that seriously enhances your sites performance, security and uptime, just to name a few. There has been some major changes since, some of them being, a completely new GUI (graphic user interface), and new features such as more POPs, DDoS protection, patent-pending Dynamic Caching algorithm, Joomla support, cPanel plugin and more.
Essentially, behind Incapsula, your sites traffic is routed through a global network of high-powered servers that analyzes all incoming traffic, keeping threats out while boosting your sites speed for traffic. The service improves your sites security and performance by caching and optimizing its content and serving it directly from their globally distributed servers. This solution is particularly great for those who are on shared hosting.
What are the main features and how much does it cost?
I’m guessing, that the is the first question that comes into your mind. How much? Well, here’s the good news, Incapsula offers 4 types of plans. Free, Personal, Business and Enterprise. The free plan suits well for small websites and if need be, you can easily upgrade for an affordable $9 a month to the personal plan. Business and Enterprise have a higher investment required, but then again, it may not necessary to go as far. The option is there if you need it.
Main Features – The Free Plan
- First Website: Free
- Additional websites: unlimited (free)
- Bandwidth: 50GB
Performance:
- Global CDN
- Static content caching
- Static content compression
- Content Minification
- On the fly image optimization
- Security threat notifications
- Reputation based security
- Bad bots blocking
- Blacklisting of clients, countries and IP’s
- Guaranteed search engine access
- Comment spam elimination
- CAPTCHA security check
How about that? If you ask me, that’s a pretty good deal for a free plan. Either way, and despite some limitations, your website could be better with, than without it. The good thing is that, you can always “turn it off”, whenever you want to. Making use of the service does require you to do anything but change some DNS records and that’s it. Your site stays hosted where it is, and nothing else. In any event, the fine folks of Incapsula, always welcome your questions and are glad to help.
If you are wondering how to setup your website with Incapsula, here’s a quick video, showing you how I installed one of my websites (sorry about the audio). The video is about 5 minutes long, so you can imagine how fast it takes to actually set your site up.
OK. Does Incapsula really improve performance?
Images are worth a thousand words. Tested on http://tools.pingdom.com/
Before (load time 1.76s):
After (load time917ms):
[note]Update: Incapsula has just released their backdoor protection. One of the first things a hacker does after breaking in to a website is to install a backdoor. A backdoor allows the hacker to remotely operate the site or server for future exploitation.[/note]
There you have it! There are obviously other ways to increase your websites performance and security, but Incapsula is worth the try.
Ultimately and in case you are wondering, how Incapsula pairs with its peers, here’s a great review about Incapsula vs CloudFlare.
this post sponsored by incapsula.com
I have never heard of Incapsula before…It actually sounds like something I could definitely use for my business…my only concern is; through the analyzation of traffic, what if it blocks some good traffic not knowing that it isn’t bad? It sounds good in theory but that would be one of my biggest worries.
Matthew
Very interesting… And timely, as I just got fed up not being able to get cloudflare to function properly with my sites. I will have to give this a try!
Igal-Incapsula
Hi Ron
Thank you for your interest.
Our visitor identification algorithm relies on the following methods/resources:
1. Existing data, we monitor thousands of site and, over time, monitored million of sessions. Each time a new malicious attempt is identified the information is aggregated over the network and used for future filtering decisions.
2. When we encounter new un-identified visitor our system will:
– monitor behavior, looking for suspicious sings
– present the visitor with a set of seamless challenges (sending cookie, executing JS).. This help pinpoint bots
– looking at HTTP Header data for suspicious signs (wrong order, strings missing)…
If after all of the verification/challenges the session is still identified (rarely happens) our system can be configured to present CAPTCHAs to suspicious unidentified visitors.
Still, even without CAPTCHAs this multi-layered signature/behavior identification process is extremely accurate. Even when mitigating DDoS and dealing an extremely large number of incoming visitors, our system will still provide 99% no-false-positives. Meaning that even in the most extreme scenarios only 1% of visitors will be presented with CAPTCHA – none turned away.
Riz
Hi,
Appreciate the detailed write up about Incapsula. I previously tested CloudFlare for almost a month on a test blog but it gives too many false positives and the most important thing was that in case there is any emergency and you need to contact someone immediately, then there is no one there..you can only leave a ticket and a support personnel will reply back in his own time….We can wait but our blog readers will never wait, and they will leave our site. I recently installed Incapsula on a real site and am glad I havent had any problems or issues yet…there is a little speed improvement than my host but at least am also getting basic protection and that too for NO charges at all π I am a newbie in the world of blogging and I would love to have more features than the free plan but the Paid plan is a little over budget for me so if I may please suggest if you could create a plan that is not free but has more protection than the basic plan and is pocket friendly for start up bloggers like me π
Thanks
Juan
Hi DiTesco, Incapsula dan Cloudflare have a same function right, to give better security and boost performance for our blog. At my country i never heard about incapsula, but cloudflare is commen here because some of the hosting provider already integrate their hosting server with clouldflare
Fred Owusu
Never heard of Incapsula. While reading through I was wondering about CloudFlare right before I saw Incapsula vs CloudFlare. Thanks for sharing this DiTesco. Always helping out your readers with the best information up to date.
Welcome Fred. You know me, I like to try different alternatives. Incapsula is no exception and actually works like a charm π At least so far, so good.
Rusty
As Fred mentioned before, I also haven’t yet heard the incapsula. Maybe I will try to free version on how it will really works.. Thanks mate for sharing.
“Very interesting service, i wonder how much the speed would be reduced for the end user. Will give this a try for sure. thanks”
Hi Santosh. In my experiment above, the speed increased by over 40%. I guess it will depend very much on individual cases as you may have different things installed, like scripts, requests, plugins in case of WordPress, amount of traffic, etc.. Trying won’t harm, so in case you do, I will very much appreciate your feedback about your experience
I’ve actually recently started using CloudFlare which seems to be a little like Incapsula, and I think anything that increased the security of your site is worth looking at.
I also use a couple of plugins to increase my blogs security because I believe you can never bee too safe from hacking and stuff.
Hi Sire. Totally agree with you. Anything that can be used to increase our sites security is worth looking at. Even better if it helps boosts its performance too. BTW, soon I am posting about another way to boost a WordPress sites speed, something that can be used in combination with CF, Incapsula and Cache Plugins.. Stay tuned for that π
I’ve already done a whole lot to increase Wassupblogs speed, including moving it to a VPS host. I’ll be really interested to see what else I can do.
Not sure if there is anything else to do, you’ve got almost everything there is on my arsenal, lol… but let’s see.
Naziman
Thanks for sharing this. I never heard about incapsula before. I will give it try because Cloudflare have some problem with me right now.
Tri Wahyudi
Now I installed again incapsula for my website. Previously I’ve been off, because since using incapsula, when I open google webmaster, my website is considered undetectable π
There are lot of people who are looking for some security for there web site as I am also a victim of hacking so I think your blog brought up my mind about this security.