Incapsula: Increase the Security and Performance of Your Website

I am always looking for ways to increase both the security and performance of my blog, so I decided to have a look at Incapsula. A recent comment was left on my blog that introduced me to the service, and I was also recently invited to try out their service. I have recently been using CloudFlare to improvie my blog’s performance, but I decided to see what Incapsula had to offer.

On July 14th, I signed up with Incapsula and have been testing out their service for the past two weeks. In this post I will provide some information, stats, and thoughts on the service so you can determine if you wish to use the service for your site or blog.


Incapsula: Increase the Security and Performance of Your Website

Who is Incapsula?

Before I go into detail about my experiences with Incapsula, I thought it would be best to provide a quick overview of who Incapsula is, and what they offer.

Incapsula started its private beta on July 11, 2010 and launched its full service on November 15, 2010. It is a cloud-based, Web Application Firewall service that provides security for websites of various sizes. All requests to your website are routed through Incapsula’s servers that inspect all incoming traffic to your website to help keep hackers out.

In addition to the added security of using Incapsula, a website will also see significant performance gains because of Incapsula’s global network of high-powered servers that will cache various aspects of your website. By service cached content from its servers, Incapsula will help to reduce the load and requests that are handled by your web server.

The added security and performance increase is probably more than enough for anyone who manages a website to become interested in the Incapsula service. It did for me, which is why I signed up with them.

The Incapsula Free Plan

There are currently 4 plans that Incapsula offers. There are several factors that will determine which plan you choose, such as the amount of data transferred from your website, and whether your site utilizes HTTPS.

For most personal sites, and small commercial sites, you can sign up for the “Personal” plan, which is FREE. For my review of Incapsula I signed up with the Personal plan, and had no issues with using this free option.

The Personal plan provides the following options:

  • Up to 25 GB transfer per month.
  • Security (illegal access prevention, bad bot blocking, SQL injection prevention, cross-site scripting prevention).
  • Performance (global sever network, static content caching, connection optimization).
  • Monitoring (server outage notification, load vs. response time monitoring).
  • Management (console, security and performance notifications, weekly digest report).
  • Community support.

As you can see from the above list, you do get quite a bit for using their free service. The paid-services offer more bandwidth and additional services. Incapsula has a web page dedicated to outlining their pricing and plans for easy comparison on the features of each plan.

My Experiences With Incapsula

Now that the brief introduction on Incapsula, and information about their free plan is complete, I will now give my impression of their service and how it has affected my blog over the past two weeks. I could have tried out their service for a few days, but I wanted to provide enough time to get a good feel for how their service performs, and to gather some data with regards to the performance of my blog.

Security

One of the major selling points of Incapsula is how they provide security for your website. While smaller websites that aren’t affected by hackers on a regular basis may not notice a difference, it is important to understand that there are different types of attacks on a website.

Incapsula provides a dashboard that displays an overview of not only the traffic to your website, but also various threat information that has occurred in the past few days.

Incapsula - Dashboard Threat Information
Incapsula - Dashboard Threat Information
(Click to enlarge)

The above screenshot highlights various areas on the dashboard that provides some details of threats that had occurred on my blog in the past 7 days. Without Incapsula, I wouldn’t have seen the number of threats against my blog. The information provided is a real eye-opener to the how many threats happen on a regular basis. As you can see, my blog registered 787 threats with 785 being bots, 1 SQL injection attempt, and 1 illegal resource access attempt. This data can be seen in the lower left corner.

How the threats are dealt with is up to you, the owner of the website. By default, Incapsula sets the actions for all threats to “Observe and Report”, which basically means that Incapsula will monitor the threat and report it to you.

Incapsula - Threat Rules
Incapsula - Threat Rules
(Click to enlarge)

Depending on the type of threat, Incapsula allows you to select several options on how the threat is to be dealt with. Additional options include “Block Request”, “Block User”, “Block IP”, and “Do Nothing”. I like how Incapsula allows you to specify the type of action for each type of threat that your website may encounter instead of providing “blanket security” for all threat types.

The number of threats that Incapsula can monitor is great as it covers many of the major threats that any website or blog will encounter.

Performance

The one key element that most owners of a website or blog is interested in is that of performance. While you may not see the number of threats that are occurring daily on your site, you can definitely see the load times of your web pages.

I am always trying to ensure the pages on Technically Easy load as fast as possible. Incapsula has really helped in that area, because of my blog’s static content being cached and sent from Incapsula’s global network of servers.

To show you how much the performance of my blog has been affected, let’s look at Pingdom’s response time monitoring of my blog from a time period before using Incapsula, and while using Incapsula.

Response Time - Before Incapsula
Response Time - Before Incapsula
(Click to enlarge)

The above chart is back in June while the static content for Technically Easy was being sent directly from my host. As you can see the response time averaged almost 3 seconds. The fastest response time was 2.44 seconds, while the slowest time was 3.27 seconds.

While many sites are slower than this in response time, especially those that are just using a host, I wanted to see if Incapsula can improve upon these numbers. Below are the results when using Incapsula’s servce.

Response Time - Using Incapsula
Response Time - Using Incapsula

The average response time while using Incapsula drop to below 1 second. That is over 3x improvement in load times! The slowest response time was 1.27 seconds, which is still significantly faster than the fastest time from my host. The fastest time was .8 seconds, which is a tremendous response time.

From the above chart, you may notice a large spike around July 24th. There is a reason for this spike which I will explain later on in this post.

While the response times improved significantly while using the Incapsula service, let’s see the results of uptime, which will show how often your website remains up and running.

Uptime

Not many people will measure the uptime of their site, but I try to keep an eye on how often my blog goes offline. The one thing I don’t like is for someone to visit my blog and get an error page indicating that Technically Easy is down.

I use Pingdom to not only monitor the response time of my blog, but also the uptime. The results of the uptime while using Incapsula are shown below.

Incapsula - Uptime
Incapsula - Uptime
(Click to enlarge)

For the two weeks that I have been using Incapsula, my blog was up and running 100% of the time. In the past year, it was very rare, if at all, for my blog to be up all the time for a two week period.

What I Didn’t Like About Incapsula

As you can see, there is a lot to be excited about with Incapsula. You get security monitoring and performance improvements, regardless of the size of your website.

With that being said, there are a few things that I wasn’t too keen about with regards to the Incapsula service. The items that I didn’t like, however, won’t stop me from continuing to use the service, I would like to mention them as part of this review.

The first item is the way the dashboard and the reports are displayed and presented to the user. All reports on their website are displayed using Flash.

I am not a fan of entire web pages comprised of nothing but flash objects. I found that on my laptop – a Dell Inspiron 6400 – that is running Ubuntu 11.04 the dashboard and reports took sometime to display because of the flash.

I would much rather prefer the charts to be flash objects, but the details to be presented in HTML. This will allow me to see the details of my statistics quickly while I wait for the charts to load.

Update:

Incapsula has released a new version of their dashboard and reports. The new version uses HTML instead of Flash to display the charts and information, which has resulted in a significant performance improvement. I have written a post about the new version of Incapsula to show what the new version looks like.

In addition, I did have a minor problem with the e-mail accounts associated with my blog after setting up Incapsula. The problem was enventually resolved, but I would like to make not of it in case others encounter the same problem.

The mail subdomain for Technically Easy was pointing to technicallyeasy.net. This caused the e-mails that were sent to my Technically Easy accounts to be sent through the Incapsula service. This prevented e-mails from reaching me from various people.

To temporarily solve the problem, I disabled the Incapsula service, which explains the large spike in the response time graph that you can see above.

I contacted Marc Gaffin, co-founder of Incapsula, who quickly confirmed what I thought was the problem. I changed the mail subdomain to the IP address of my host’s server and my e-mail problems were quickly corrected. Perhaps there could be a changed to the setup instructions for Incapsula to include additional changes that will need to be made to DNS entries when setting up Incapsula.

My Conclusions

After using Incapsula for the past two weeks, I would have to say that it is a great service. It is fairly new, so I’m sure that many things will change going forward, but for such a new service they have done many things right.

First, they are able to detect and alert me to many threats to my blog. In addition to alerting me to a threat, I can also determine the type of action to take for various types of threats.

Second, the performance improvements in terms of load times is amazing. My blog’s web pages are being served over 3x faster than they would be through my host. Also associated with performance, the uptime of my blog while using the Incapsula service was 100%. Having my blog up all the time is a great bonus for me as this means my visitors will always be served a page from my blog.

While I don’t like how all their reports are in flash, and I did have problems with my e-mail accounts, I would continue to use their service as I don’t consider these two issues to be any real problem. Plus, with the e-mail problem solved, the flash reports are a small price to pay for the security and performance improvements of my blog.

If you are serious about increasing the security and performance of your website, I highly recommend that you try out the Incapsula service.

Follow Me