With a constantly increasing traffic load to contend with, report-uri.io needs some support. Fortunately for us some help came from Imperva Incapsula who are now protecting report-uri.io with a free account on their DDoS mitigation and WAF platform. It's not just about security and availability though, there are several other features of Imperva Incapsula that are helping us to keep the lights on at report-uri.io HQ.
What is Imperva Incapsula?
You can find broader details about Imperva on their main site but I'm going to be focusing specifically on their product called Incapsula. Incapsula has a whole host of features, many of which I'm currently leveraging on report-uri.io, including DDoS Protection, WAF, CDN and Load Balancing. These service are provided from Incapsula's network that currently consists of 32 data centers around the world.
I'm going to quickly skim over some of the awesome features that are already helping me out tremendously but I'm not going to dive into the technical side too much just yet. I'm planning to do a small series of blogs on how I've been using the service, what I've learnt along the way and I'm going to publish some really fine-grained data and statistics that I now have available to me. There is some genuinely interesting things that I've found in a very short period of time and when you have access to data on this scale, you might be surprised at what you find!
Scrubbing bad traffic
One of the biggest and most helpful things that Imperva Incapsula is currently doing is scrubbing all kinds of bad traffic upstream from my servers, they're taking care of it before it even hits me. Some of these are tasks that I used to handle myself like checking the basic formatting of the payloads I'm receiving, do requests have the correct headers set and rate limiting per account and per client IP. Because all of this is now taken care of at their edge, it frees up the resources on my servers to do more of what they should be doing, processing reports. This means my server overheads are now lower because I need less servers to process the inbound report traffic, it's a direct cost saving.
As I've been using and testing the service over the last few weeks, I've come to notice just how often my site is attacked. This ranges from things like XSS attacks where it picked up on a malicious payload and blocked it to things like SQL Injection. In fact, on a daily basis I pretty much see the entire OWASP Top 10 run against the site by all kinds of bots and clients. Most of them appear to be largely harmless and are just probing for things like hosting files in the
.git directory, but it's nice to have an extra layer of defence on top of my own measures.
Another great thing that I can now do is load balance requests across the various pools of servers I have without having to run and maintain my own load balancers. There's a whole range of options to do this including random distribution, IP hash for sticky sessions, regional, number of queued requests and more. Whilst I only have servers in one region right now I am looking forward to doing things like geo-routing in the future to push traffic to my report ingestion servers located locally in specific regions.
Content Delivery Network
Last but certainly not least is the CDN service provided by Imperva Incapsula that now makes the report-uri.io site pretty fast at loading, and it was no slouch before! They do all kinds of great things like HTTP/2 and IPv6 from their edge, various improvements like content minification and image compression along with caching at locations physically closer to the visitor's browser.
More to come
I've genuinely got some really interesting things to write up over the coming weeks about both using Imperva Incapsula and report-uri.io. Having access to the kinds of metrics and statistics that I do now thanks to the dashboards has brought to light things that I hadn't even considered in the past. I've made some improvements to the site as a result and all of the details will follow in the blog posts to come. For now, I'd like to say thanks to Imperva Incapsula for their support and helping to keep the service running!