Want to subscribe to topics you're interested in?
Become a Member

Security CMM + Lets Encrypt + Sucuri (Paid) + Cloudflare

Discussion in 'System Administration' started by lushen, Oct 6, 2018.

  1. lushen

    lushen New Member

    13
    2
    3
    Nov 13, 2017
    Ratings:
    +4
    Local Time:
    7:47 PM
    Hi all,

    I am slowly getting to the point where I manage a couple of Wordpress blog servers and some of them getting hit by scriptkiddies lately (No hack/breach so far).

    Until now I tried to secure the servers as much as possible, but the work to do this takes too much time and I also tested out the Sucuri WP Plugin which comes pre-installed when you install WP with CMM.

    My question now is: Will the sucuri WAF work with Cloudflare?
    I still would like to use Cloudflare to hide the IP, even though it is still possible to get the IP but I like to use more layers of security.

    So lets say I will buy the Pro Package for $9.99/month, does it include the key for the WP plugin and I am still able to use Cloudflare on top of that? Or should I go with the $19.98/month Package because of the "SSL Certificate Support"?
    Is it even worth to use Cloudflare when I have Sucuri?

    I have never really used any paid WAF so far, so, sorry if it sounds noob-ish.

    Any help is appreciated, thanks!
     
  2. eva2000

    eva2000 Administrator Staff Member

    37,352
    8,162
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,563
    Local Time:
    4:47 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    I wouldn't advise it as you end up being slower. It's why I moved from Sucuri to Cloudflare Pro with Cloudflare WAF. You have alot more control over your WAF with Cloudflare than Sucuri :)
     
    • Like Like x 1
  3. Jimmy

    Jimmy Premium Member Premium Member

    1,423
    294
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +728
    Local Time:
    1:47 PM
    1.13.x
    MariaDB 10.1.x
    I believe you can get SSL Support for $5 a month as a separate fee. I only pay $5 a month for CF.
     
  4. eva2000

    eva2000 Administrator Staff Member

    37,352
    8,162
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,563
    Local Time:
    4:47 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    yes that's what i did ordered Cloudflare dedicated SSL cert for $5/month :)
     
  5. lushen

    lushen New Member

    13
    2
    3
    Nov 13, 2017
    Ratings:
    +4
    Local Time:
    7:47 PM
    Honest question: What is the difference (Benefits) between the dedicated CF SSL cert and a LE generated cert?
     
  6. eva2000

    eva2000 Administrator Staff Member

    37,352
    8,162
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,563
    Local Time:
    4:47 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    It's not the cert but what comes with the cert. So CF dedicated SSL cert comes with Cloudflare CDN/performance caching. Using Letsencrypt SSL on front end means turning off CF CDN/cache which reduces performance.
     
    • Informative Informative x 1
  7. minodd

    minodd New Member

    4
    0
    1
    Nov 29, 2018
    Ratings:
    +0
    Local Time:
    2:47 AM
    Nginx 1.15.6
    MariaDB 10
    So, what would the difference between a paid CF SSL cert and a free CF SSL cert? I'm now using the free one.
     
  8. rdan

    rdan Premium Member Premium Member

    4,420
    1,059
    113
    May 25, 2014
    Ratings:
    +1,543
    Local Time:
    2:47 AM
    Mainline
    10.2
    ECC & RSA (Pro) vs ECC only (Free Plan).
     
  9. eva2000

    eva2000 Administrator Staff Member

    37,352
    8,162
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,563
    Local Time:
    4:47 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    What @rdan stated, Cloudflare Pro offers standard RSA 2048bit SSL certificate (legacy compatibility with older browsers) + ECC 256bit ECDSA SSL certificates (faster performance) while Cloudflare Free Universal SSL certs are ECC 256bit ECDSA SSL certificates which only work with modern web browsers.
     
  10. minodd

    minodd New Member

    4
    0
    1
    Nov 29, 2018
    Ratings:
    +0
    Local Time:
    2:47 AM
    Nginx 1.15.6
    MariaDB 10
    Okay, I see. Thank you!
     
..