We’ve taken our best ideas, years of customer insights & feedback, to create the best version of Astra Website Protection ever made. Learn about the new features, improvements, and how you can upgrade in a few minutes.
We’re super excited to announce the launch of our re-imagined & re-engineered product – Astra Website Protection 2.0.
Staying aligned with the #AstraPrinciple, If it’s not simple, it’s not done – we’ve built the product from the ground-up, to make it even simpler to protect your web apps.
The new dashboard and Website Protection plugin, will give you greater control over the security of your website than you’ve ever had – while being no-code, plugin-n-play & secure as always.
Here is EVERYTHING you need to know about this major (and long awaited) release ✨
Astra Firewall is now Astra Website Protection
Some of our (delightful) customers thought that the name ‘Astra Firewall’ didn’t fully convey the value provided – and we agree!
Our plugin is much more than just a firewall. It comes with:
- Web-application Firewall
- Malware Scanner
- Login Protection
- File Upload Protection
- IP/Country blocking
- No-code Security Rules (more about this below 🎉 )
So to effectively communicate what our plugin does, presenting to you – Astra Website Protection.
One dashboard for both products – Pentest & Website Protection
As you may know – in addition to our Website Protection plugin, we also offer Pentests as a separate product which helps you discover and repair all the vulnerabilities in your web applications. We’ve combined the dashboard for both these products into one super-dashboard for all your security needs.
Simplified Pricing Plans
Since many of our Website Protection customers were using the Pentest product too – we have simplified the pricing structure and plan limits so that you can use both products without having to pay separately for each. You can see our updated pricing plans here.
Don’t worry – existing subscriptions (that are active) will not be affected by the new pricing structure and will keep receiving all the new (amazing) features we roll out for your plan. If you have any questions about these changes, feel free to reach out to our support team from within your dashboard.
We’ll be upgrading all accounts 🕶️
Over the next few weeks, we’ll be upgrading everyone’s account automatically. If you don’t want to wait and want to try out the new dashboard now itself here is what you have to do:
- Create a new account at https://my.getastra.com/signup using the “Sign up with email” option (not Google account)
- Make sure you enter the email address used to purchase the Astra subscription. If you are a team member, you will have to ask the owner to follow these steps.
- You will receive an email to verify your account. Click on the verification link to activate your account, and automatically migrate your data to the new dashboard
Now you need to install the new Website Protection plugin to access all new features, after uninstalling the plugin already installed on your site. More details in the next few sections.
Reset your password, for enhanced account security
We’ve implemented a newer & stronger password hashing algorithm in the new dashboard. For any team members you may have added to the dashboard earlier – you’ll have to ask them to request a new password using the “Forgot Password” feature at https://my.getastra.com
A new password is required to be set, as it is not possible to import the old password into the new hashing algorithm. Since you have created a new account, you will not have to reset your password.
Install the latest plugin on your website to access new features
To unlock new features such as Booster Rules, upgraded Malware Scan reports etc – you will have to uninstall the old Astra plugin, and replace it with the new plugin which can be downloaded from the dashboard. All your threat data, customizations, preferences etc. are imported automatically.
Even if you don’t install the new plugin, the plugin already installed on your website will work as it is without any disruption. Attacks on your website will be stopped, and malware scans will run as scheduled. However, we recommend you to upgrade the plugin to use all the new features.
Steps to experience the new plugin:
- Log-in to your dashboard at https://my.getastra.com/waf
- Click on the icon next to your website’s name to navigate to the Settings page
- Scroll down to the Re-install Astra section and click on the button
- Select your CMS name from the dropdown & read the instructions given
- Before you install the new plugin, remember that it is important that you uninstall the old plugin.
- Now, download the new plugin from the Re-install Astra page & install it on your website as per the instructions
- Enter the unique Activation Code into the Astra plugin installed on your website
- Now in your Astra dashboard, click on the “Verify Installation” button to confirm that everything is set up correctly.
If you face any problems while reinstalling the plugin, or need assistance with the process just fill in your details by clicking the “Request plugin installation” button on the “Re-install Astra” page or contact us by emailing [email protected]
New Features & Improvements 🥁
Based on customer insights, industry standards, and some magic – we’ve finally built our dashboard and plugin from the ground up.
Fresh Design for a Seamless Experience
To keep the experience consistent & fresh within all our products – our design & front-end team has created a new design language which we’ve adopted across our website, dashboard, plugins, reports etc.
When you Sign in to our new dashboard, you might notice some of these changes:
- Cleaner and consistent styling
- Conversational language & rich help-texts
- Help articles embedded for quick access
- Smoother & quick navigation between pages
- Easier searching, sorting & filtering
- Better stability overall & helpful error messages
Better Stability & Visibly Faster
We’ve built the new dashboard using modern technology to make the whole experience smooth, stable & fast ⚡
Security on-the-go using your Mobile
Use your mobile to quickly see your website’s security status, malware scan results, block attackers and much more on-the-go. Our new dashboard is a Progressive Web App, which can be installed on your device easily.
Just open https://my.getastra.com on your mobile phone browser, and at the top right of the address bar, click Install .
Easier Subscription & Invoice Management
We’ve fully revamped our subscription management page so that you can now purchase new subscriptions, download invoices, modify your plan & manage your payment methods right within the Astra dashboard.
Better Overview of your Security Status
We’ve added more metrics to the security overview page to give you a bird’s-eye view of all the activity around your website’s protection.
From this watchtower you will get insights into:
- Overall Website Protection status
- Weekly & monthly attacks
- Top Attackers
- Top Attack Origins
- Malware Scan Findings
- Options to block Attackers in just 1-click
- More details about each threat stopped on your website
All this information is packaged neatly on one page so that you can take quick decisions & stay on top of things.
Create “Booster Rules” using our no-code builder
While a website protection plugin can stop a wide range of attacks such as SQLi, XSS, RCE etc. on your website out of the box – you might also want to implement specific security measures such as restricting your admin portal to a few IP addresses.
With Booster rules – further strengthen your website’s security posture. You can either use a recipe crafted by experts, or just use our no-code builder to create your own security rules using 10+ variables.
We’ve added 4 security recipes with interactive wizards to get you started quickly. The possibilities are endless – and we’d be happy to help you create more complex rules 😎
Get more details about every Threat stopped
On the Threats page, you can now see an overview of the threats stopped with a breakdown on the type of attacks. For every attack stopped by the Web-application Firewall you can now see the IP address, country of origin, the attacked url, parameter, payload, device being used.
While our website protection plugin takes automatic blocking actions based on your security threshold, you can also block IP addresses, ranges and countries permanently from accessing your website.
Slice and dice data with better searching, sorting, filtering
Throughout the dashboard, we’ve made it easier for you to slice and dice data using the new search, filtering & sorting controls. You can do so by attacker IP address, Attacked Parameter, Attacked URL, country, thread ID etc.
Similarly, you can navigate the list of trusted and blocked IPs with ease by applying filters. These features will lead to more efficient threat management and decision-making.
Enable or disable individual Security Features
We’ve made it possible for you to enable/disable specific security features from withing your dashboard. You can now disable login protection, file upload scanning or the Web-Application Firewall as per your requirement. By default all features are enabled.
Updated Security Tolerance Levels to suit your needs
We understand that different verticals require different levels of protection. Sometimes the firewall may flag something normal for your website as an anomaly. This neat new feature will put an end to that.
You can choose from three security tolerance levels – low, medium, and high. This will represent the stringency with which the firewall flags anomalies or blocks potential threats.
You can also set the protection mode to either only monitoring or automatic blocking. If you select only monitoring, Astra will monitor all actions on the website without acting, the latter option triggers Astra to actively block all threats.
Customizable Security Seal
You can now customize the look, size, and position of Astra’s Security Seal to match your website’s design. (PS: There’s a dark mode, too 😉)
Improved Support Portal & Help articles
You can access our overhauled support portal at https://help.getastra.com/en/ where you’ll find articles for any questions you may have around both our products.
At the time of writing this article, our Slack Integration is yet to be available in the new dashboard. Based on the feedback we’ve received from all of you, we will be re-imagining the integration and shall begin rollout next quarter.
Also, we will be discontinuing the Cookie Consent tool to focus solely on the core product. You can continue to use the Cookie Consent tool already integrated on your website, but we will not be releasing any new updates to it. You can try this open-source alternative.
- We’ve built a new dashboard and plugin for our Website Protection product from the ground-up. The new login url is https://my.getastra.com
- There’s only one dashboard for both our products – Website Protection & Pentest
- We’ll be upgrading all customers over the coming weeks, but you can choose to upgrade immediately by following these instructions
- To access new features you will need to uninstall the old plugin and install the new one on your website.
- If you have any questions, feedback or need assistance with the upgrade – drop us a note on [email protected]
So it looks like we’ve killed the surprise by telling you about all the changes. We hope you love what we’ve done with the Astra Website Protection product, and look forward to hearing your experience.