Getting Started: Activate and Set Up Your Web Security Suite

This guide is your step-by-step path to quickly set up, activate, and optimize essential security features, so you can focus on growing your business with total peace of mind. Let's get started and make your website more secure than ever!

Initial Setup Checklist

Before diving into the full power of your Web Security solution, let's start with the essentials. This quick setup checklist will guide you through the key steps to get your website protected and performing at its best. Follow these actions to ensure a smooth and secure launch!

Quick Links

• Web Security Plans and Features
• EuroDNS Control Panel - Login
• Web Security Dashboard
• Help and Support

Step 1. Choose your Web Security plan

Select the plan that best suits your website’s protection needs, from personal blogs to high-traffic e-commerce platforms. View our web security plans.

Step 2. Complete your purchase

After selecting the Web Security plan that best suits your website’s protection needs, the next step is to complete your purchase.

Step 3. Activate Web Security token

1. Go to EuroDNS Control Panel→ Products → Web Security Tab.
2. Select the Token.
3. Activate Web Security for your domain.
4. Edit DNS Zone (depending on whether your domain is registered with EuroDNS or another provider).

If DNS is with EuroDNS: Choose between manual or automatic proxy setup.

• Manual Setup: Manually activate the proxy in the Manage Web Security page.
• Automatic Setup: EuroDNS will manage the DNS settings automatically.

If DNS is with another provider: Manually activate the proxy by configuring an A or CNAME record for your domain.

Tip: If you already have an active Anycast DNS plan, it will be switched to the free version upon expiration without any service disruption. However, you will need to turn off the auto-renewal for the Anycast DNS subscription.

IMPORTANT: You will find status Pending below domain name for which you have just Activated Web Security. It may take a couple of minutes to complete the activation. Once completed, you will receive a confirmation email. Refresh your page for updated status.

Step 4. Understand EuroDNS Control Panel

Within the EuroDNS Control Panel, you can manage various aspects of your Web Security subscription, such as:

• Subscription Information: Domain, plan type, expiration date, and plan details.
• Proxy Management: Activate/Deactivate proxy and DNS settings.
• CDN & SSL Management: Customize CDN and SSL settings.
• Subscription Management: Manage renewals, upgrades, and downgrades.

For subscription downgrades or cancellations, please contact EuroDNS support.

Step 5. Activate proxy

What is proxy

A proxy serves as an intermediary between users and web servers, improving both performance and security. Enabling the proxy is necessary for optimising content delivery through a CDN and providing protection against various web-based threats, including DDoS attacks.

Steps to manually activate proxy

1. Go to EuroDNS Control Panel→ Products → Web Security Tab.
2. Navigate to the selected Domain Name→ Click on the “edit pen icon” next to the domain name.
3. If Domain is registered with EuroDNS or DNS hosted with EuroDNS, simple click ‘Activate Proxy’ and automated setup will be activated → Proxy is On and CDN is Active.
4. If Domain and DNS is registered with another provider, manually activate the proxy by configuring an A or CNAME record for your domain.
5. Once proxy is activated, a Complimentary Let’s Encrypt SSL will be enabled on CDN Edge Servers.

Tip: To enable the proxy, you need to ensure that the DNS record points to the proxy. You can do this by setting either an A record or a CNAME. While CNAME is convenient, it may not work for the apex domain. In that case, you will need to add an A record directly using the correct IP address to your DNS provider. The IP addresses or the canonical name of the web servers to be hidden and protected behind the proxy needs to be added Origin.

Step 6. Customise CDN cache settings

Enabling CDN cache

Why CDN caching is necessary

Enabling the CDN cache stores and delivers static content (images, CSS, JavaScript) from locations closest to visitors, improving load times and reducing server strain. Cache durations for dynamic content can be adjusted based on update frequency, balancing performance with freshness. Once the proxy is enabled, all website traffic is routed through the CDN. Caching isn't default because some websites, like e-commerce or news sites, need real-time updates for accuracy.

Once configured, the CDN will:

• Improve performance by serving content from the nearest data center.
• Forward event logs to the SOC team for threat monitoring.
• Enable WAF protection with continually updated firewall rules.

Steps to enable CDN Cache

• Go to EuroDNS Control Panel → Products → Web Security Tab.
• Navigate to the selected Domain Name→ Click on the “edit pen icon”next to the domain name.
• Navigate to the CDN & SSL section under your Web Security subscription.
• Click on "Manage CDN" to customise caching rules based on your needs.

Understanding CDN customisation

Options for customising CDN settings such as caching rules, geolocation targeting, etc.

Understanding Purge Settings

Ensure to purge the CDN cache every time any changes are made on the website so that the changes made are reflected immediately to the visitors.

If the cache is not purged, the changes will only be reflected after the cache time expires.

• Purge All Files - Manually remove all cached files so the CDN is forced to check your website the next time the files are requested.

• Purge Individual Files - Remove specific files from the cache so that the CDN is forced to check your website the next time these files are requested.

Step 7. Check SSL configuration

What is Bring your own vs Complimentary SSL

Using both standard SSL on your origin server and SSL on CDN edge servers provides a robust security framework, enhances performance, improves user experience, simplifies management, and ensures compliance with industry standards. This dual approach enables you to effectively handle high traffic while maintaining a secure environment for your users.

Bring your own SSL: Installed on the origin server, potentially leading to higher latency and resource usage on that server.

Complimentary SSL: Installed on CDN edge servers, improving performance by reducing latency and offloading work from the origin server, while also enhancing security features.

There are two ways to deploy a certificate:

Bring your own SSL

You can upload and install your own SSL Certificate provided by your chosen Certificate Authority (e.g. Sectigo) secure traffic between the origin and CDN.

How to add your own SSL Certificate

1. Go to EuroDNS Control Panel → Products → Web Security Tab.
2. Navigate to the selected Domain Name→ Click on the “edit pen icon”next to the domain name.
3. Navigate to the CDN & SSL section under your Web Security subscription.
4. Click on Install Custom SSL, and provide your certificate and your private key required for SSL encryption.

IMPORTANT: We do not manage issuance and renewal for custom certificates. Using custom certificates, you will need ensure these actions to be accomplished by you.

Complimentary SSL certificate

Free Let’s Encrypt SSL is included in your Web Security Suite plan and is deployed on the CDN Edge servers. Again, this will encrypt traffic between your site and the CDN. To ensure the SSL certificate is activated, you will need to complete proxy activation in Step 5.

Tip: We recommend you use your certificate on your site. To ensure the traffic is always encrypted, you can enforce HTTPS connection at any time.

Step 8. Access Web Security Dashboard

The Web Security Dashboard provides you access to all security features, perform website scan, request malware removal, view scan reports enable server side scan, configure WAF and start and run backup. Users to monitor key security stats and manage important features. Users can review their account plans, access support by contacting EuroDNS, and choose their preferred language from English, French, Spanish, or German for a personalised experience.

How to access your Web Security Dashboard

1. Go to EuroDNS Control Panel→ Products → Web Security Tab.
2. Navigate to the selected Domain Name.
3. There are 2 ways to access your Web Security Dashboard:
   1. Click on the “edit pen icon” next to the domain name. → On Manage Web Security → Click on Access Dashboard → You are redirected to Web Security Dashboard
   2. Next to “edit pen icon” → Click on “monitor icon” → You are redirected to Web Security Dashboard

Step 9. Enable Scanner and Advanced Security Features

To enable scanner and complete advanced security configurations, you will need to navigate to your Web Security Dashboard.

Start Website Scanner

1. Access your Web Security Dashboard.
2. Select a target website from the menu at top-left.
3. Click Scan in the top-menu → Open the Website Scan tab.
4. Start Scan.

The website scan checks your front-end web-pages for vulnerabilities, errors and known malware. It is a good, ‘first-level’ check of threats on your site, but you should enable the full malware scanner for long-term protection. 

Enable Server Side Scanner

You need to provide FTP details for your site to enable automatic configuration. The Web Security solution will use the details to upload the scanner agent.

1. Access your Web Security Dashboard.
2. Select a target website from the menu at top-left → Click Scan in the top-menu → Open the Server Side Scan tab.
3. Navigate to Overview.
4. Click Enable Scanner.

Automatic Setup

Select Automatic in the server side scanner box. Select one of the following Connection Type → Click Save.

The agent will be uploaded to your site. You will see 'Server side scanner is enabled' if everything is successful.

Manual configuration means downloading the agent file then copying it to your site. You need to place the file in a publicly accessible location so we can authenticate it and start the scans.

Manual Setup

Select Manual in the server side scanner box:

1. Download the PHP file in step 1.
2. Upload the file to the root folder of your website. The file should be publicly accessible.
3. Enter the URL of the uploaded file in the text field.
4. Click Test and Save to run the check.
5. The scans will start after successfully completing the check.

Add exceptions

You can exclude files from the server-side scan as follows:

• Scroll down to the exclude file types section.
• Type the extension of the file that you want to exclude. You must prefix the extension with *. For example, *.txt.
• Click '+'.
• Repeat the procedure to add more file extensions.
• Click Save.

Enable Web Application Firewall

The firewall section contains real-time statistics about attacks blocked on your site. You can also configure firewall settings, create custom firewall rules, and view results from the cyber security operation center.

1. Access your Web Security Dashboard.
2. Select a target website from the menu at top-left → Click the Firewall tab.
3. Customise WAF Rules (For Premium Plans Only). 
4. Click Settings to open the WAF Settings page.
5. Toggle WAF Status to the right to enable WAF and toggle to the left to disable it.
6. Customise WAF Policies as needed. 

Tip: If you disable WAF protection then all firewall policies and rules are deactivated, including custom rules.

Setup Backup

1. Access your Web Security Dashboard.
2. Select a target website from the menu at top-left.
3. Click the Backup tab.
4. Click Settings at the upper-left.
5. Add required information. The settings page lets you configure:

Tip: You may need to whitelist the IPs from where the backup will initiate the connection: 52.201.182.91, 52.10.241.82, 3.213.96.39, 3.94.137.21

Step 10. Add Trust Seal to your website

What is a Trust Seal

The trust seal is a website badge that proves your site is malware free and protected by one of the leaders in online security. This helps build the trust you need to convert new website visitors into paying customers. The seal is available in multiple languages and designs.

How to add the Trust Seal to your site

1. Access your Web Security Dashboard.
2. Select a target website from the menu at top-left.
3. Click the Trust Seal tab.
4. Follow the instructions on the screen.

Manage your subscriptions

To renew, deactivate renew, upgrade your subscription, please access your EuroDNS Control Panel. For immediate termination/ deletion or downgrade of your subscription, please contact our support team

How to renew my subscription

We recommend you to enable automatic renewal for your Web Security subscription. The subscription will be suspended for 15 days before completely deleted. Once suspended the proxy will be disabled, and the origin IP will be resolved instead of the CDN. 

Tip: If you deactivate the auto-renewal option, you will have to renew it manually to prevent losing access to the Web Security functionality.

How to cancel my subscription

• Option 1: Disable auto-renewal. Your subscription will expire on the due date.
• Option 2: Immediate termination of the product. Contact support team.

IMPORTANT: We do not issue a refund for the remaining time on the plan.

How to upgrade my plan

• You can upgrade to the next tier plan at any time.
• Go to EuroDNS Control Panel→ Products → Web Security Tab.
• Navigate to the selected Domain Name→ Click on the “edit pen icon” next to the domain name.
• In the section Upgrade, select the upper offer you want to subscribe to and follow the instructions. Once the purchase is completed, the expiration date will remain the same, and you will be charged on a pro-rata basis.

How to downgrade my plan

If the chosen package is not responding to your requirements you can request a downgrade by contacting our customer support team.

How free trial works

With the free trial of our Pro Plan, you can explore its full range of security features, such as advanced malware protection and DDoS defence. Once the trial period ends, your subscription will automatically transition to the paid plan and be billed for 12 months. If you decide not to continue, you can disable auto-renewal at any time before the trial ends or cancel the trial through our support team. For more details on the plan and its features, see our product page.

Managing existing hosting security & CDN

When integrating a new CDN or security system with your existing hosting environment, it's important to consider potential conflicts and follow these best practices:

• CDN Conflicts: If your hosting already uses a caching system like Varnish or another CDN provider, conflicts may arise. It is best to use only one CDN to avoid redundancy and compatibility issues.
• Firewall Configuration: If there is an existing firewall on the server, make sure to whitelist the Web Security IP addresses to prevent blocking legitimate traffic. Also, avoid blocking traffic from VPNs used by the Web Security system.
• Rate Limiting Tools: If you use tools like Fail2Ban or rate limiting systems, ensure they are configured to use the X-Forwarded-For header to properly track the client’s real IP address, as CDN traffic will pass through the CDN IPs.
• Avoid Parallel WAFs: Do not run two Web Application Firewalls (WAFs) in parallel, as this can lead to conflicts and reduced performance. Use one WAF that is best suited to your needs.

These steps will help ensure that your hosting security and CDN configurations work harmoniously without causing performance or security issues.

Conclusion

Congratulations! You’ve successfully set up and optimised your Web Security solution. With your website now protected against a wide range of threats, you can focus on what really matters—growing your online presence and delivering a safe, seamless experience for your visitors. 

Stay proactive by regularly monitoring your security dashboard and making the most of the powerful features at your fingertips. 

If you need any assistance or have questions along the way, don’t hesitate to reach out to our support team. We’re here to help you every step of the way!