Websupport is a leading web hosting provider based in Sweden and Slovakia. Websupport is dedicated to helping their customers succeed online by delivering high-tech solutions, business understanding, and world-class support.
The constant and growing web security threats make selecting a robust, scalable, and adaptable Web Application Firewall (WAF) crucial. Websupport, a leading web hosting provider based in Sweden and Slovakia, tackled the challenge of modernizing its WAF system by transitioning to the CrowdSec WAF.
Identifying the need for a new WAF
Websupport relied on an outdated OpenResty WAF module that was no longer supported. The challenge was to find a replacement that not only integrated smoothly into their existing infrastructure but also offered the same or better performance. Initial research led them to ModSecurity, but uncertainties around its future discouraged adoption. Coraza appeared to be a viable option, yet a lack of a production-ready connector for NGINX/OpenResty presented challenges.
The search was over when the Websupport teams discovered the CrowdSec Security Engine, a behavior-based IDPS solution with a WAF module that leverages Coraza as its underlying engine. After a successful testing phase, the team opted for a full implementation of the CrowdSec WAF, complemented by the OpenResty Remediation Component for additional security.
Improving web security while preserving workflows
The primary benefit for the Websupport team was the continued ability to use SecLang rules without needing significant adjustments, preserving familiar workflows. This compatibility minimized learning curves and operational disruptions. As the team uses solely the CrowdSec WAF, they could focus on core WAF functionality without needing to reconfigure extensive rulesets.
“With a focus on stopping malicious traffic, CrowdSec has become a vital component in protecting our customers’ web servers and meeting our security goals,” says Victor Edvardsson, System Engineer at Websupport. “CrowdSec has proven itself as an invaluable tool for safeguarding our environment against online threats.”
Smooth integration and quick support
Transitioning to a new WAF solution can be complex, and the Websupport team encountered a few initial bugs during implementation. However, the CrowdSec support team addressed these issues swiftly, minimizing disruptions. Post-deployment, the CrowdSec WAF performed exceptionally well, with zero noticeable impact on latency or server load — a critical requirement for any high-traffic hosting environment.
Overall experience: “Excellent!” This response captures Websupport’s satisfaction, with no significant challenges or frustrations. The team’s interactions with CrowdSec’s support have been entirely positive. Each issue has been resolved promptly, underscoring the high-quality support that CrowdSec provides.
“Our overall experience with CrowdSec and CrowdSec support has been excellent! Product updates and documentation are clear and helpful, with no improvements needed,” says Victor.
Despite some initial confusion with terminology, the CrowdSec documentation effectively smoothed out the learning process. The team quickly found the CrowdSec WAF easy to navigate and operate once they familiarized themselves with the key concepts. The support resources and regular product updates were appreciated, contributing to an overall positive user experience.
CrowdSec WAF is an indispensable part of the security toolkit
For Websupport, the CrowdSec WAF has proven to be an effective, reliable, and indispensable part of their security toolkit.
By choosing CrowdSec, they have gained a WAF solution that not only meets their immediate security needs but also adapts to their infrastructure with minimal impact on performance. This use case demonstrates the strength of CrowdSec WAF as a solution that is both scalable and responsive, providing essential web protection in an increasingly complex digital landscape.
