How to protect your website using Google Cloud Armor as Web Application Firewall

Some typical questions that I often get from customers is how to protect your web application against DDoS attack, forcing HTTPS, implementing OWASP 10 protection ([SQL] Injection, Broken authentication, Sensitive data exposure, XML external entities (XXE), Broken access control, Security misconfiguration, Cross-site scripting (XSS), Insecure deserialization, using components with known vulnerabilities, insufficient logging & monitoring).

These are some references on How to do protect your website in step by step mode.
Please check into and check for these tutorials:

  1. HTTP Load Balancer with Cloud Armor (link)
  2. Bot Management with Google Cloud Armor and reCAPTCHA (link)
  3. Cloud Armor Preconfigured WAF Rules (link)
  4. Rate Limiting with Cloud Armor (link)
  5. (BONUS) Securing Virtual Machines using BeyondCorp Enterprise (BCE) (link)

Please run through those tutorials, you will get the ideas on how to protect your websites through malicious attacks.

Kind Regards,
Doddi Priyambodo

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.