Sucuri Website Firewall is a cloud-based Web Application Firewall (WAF) that intercepts and inspects incoming traffic before it reaches the origin server. The firewall filters malicious requests and blocks threats including hacks, DDoS attacks, and zero-day exploits. The solution operates by routing traffic through Sucuri's infrastructure after DNS records are modified. It automatically creates SSL certificates for the firewall server, with options to upload custom certificates on higher-tier plans. The firewall provides HTTPS and PCI compliance through encrypted information flow. The platform includes DDoS mitigation capabilities using a global Anycast network. Virtual patching protects websites running outdated software by blocking layer 3, 4, and 7 attacks. The firewall integrates with a content delivery network (CDN) that caches content to improve page load speeds and reduce server load. Security monitoring scans check for malware, blocklist status, DNS issues, uptime, malicious redirects, and SEO spam at intervals ranging from 30 minutes to 12 hours depending on the plan. The service includes unlimited malware removal by security experts with SLA response times between 4 to 30 hours. The firewall supports all content management systems including WordPress, Magento, Shopify, Drupal, Wix, and Joomla, as well as custom websites. Additional features include blocklist monitoring and removal, load balancing, and server failover configurations.