Firewall and Protections
Nova Scan includes a built-in Web Application Firewall (WAF) and multiple protection layers that block threats before they reach your site.
The Protections Tab
The Protections tab in Nova Scan is your control center for all active defense features. Each protection can be toggled independently.
Web Application Firewall (WAF)
The WAF inspects incoming HTTP requests in real time using the N-Dimensional Engine. It blocks:
- SQL injection: Malicious database queries in URL parameters, form data, and cookies
- Cross-site scripting (XSS): Script injection attempts in request payloads
- Path traversal: Attempts to access files outside the web root
- Remote code execution: Payloads designed to execute commands on your server
- File inclusion attacks: Attempts to load malicious remote or local files
Brute Force Protection
Blocks repeated login attempts by tracking failed logins per IP address. After a configurable number of failures, the IP is temporarily locked out. This protects against automated password-guessing attacks.
Request Filtering
Filters suspicious request patterns including:
- Unusually long query strings
- Known malicious user agents
- Requests to sensitive WordPress files
- Null byte injection attempts
The Firewall Tab
The dedicated Firewall tab shows:
- Blocked requests: A live count of threats stopped
- Top attacking IPs: Which addresses are targeting your site most
- Block rules: Custom IP and country-based blocking rules
- Firewall log: Recent blocked requests with full details
Nova Shield
Nova Shield is a cross-domain frontend security layer that protects your site visitors. It monitors your pages in the browser to detect:
- DOM injection: Unauthorized scripts or elements added to your pages
- Script integrity violations: Modified or tampered JavaScript files
- Suspicious redirects: Attempts to redirect your visitors to malicious sites
Shield violations appear on the Shield tab in your Nova Scan dashboard with full details about what was detected and when.