RunCloud provides a clean, near-vanilla environment by default to ensure compatibility with a wide range of web applications, themes, and plugins. This approach avoids conflicts that can occur with preconfigured security rules.

For users who want additional protection, RunCloud includes optional NGINX-based firewalls (6G, 7G, and 8G) that can be enabled directly from the dashboard. This guide explains what these firewalls are and how to activate them for your web applications.

Understanding the 6G, 7G, and 8G NGINX Firewalls

The 6G, 7G, and 8G “firewalls” are sets of NGINX rules developed by Perishable Press. They are not standalone software firewalls but predefined configuration files that block malicious HTTP requests at the server level.

These rule sets help protect against attacks such as cross-site scripting (XSS), code injection, and cache poisoning.

Benefits of enabling these rules include:

  • They operate at the NGINX layer, blocking malicious traffic before it reaches your web application.
  • They are lightweight and add almost no performance overhead.
  • They can be activated in RunCloud with a single selection in your NGINX configuration menu.

Choosing the Right Firewall

Each version of the firewall builds on the previous one to improve rule coverage and detection.

RunCloud recommends using the latest available version, 8G, which includes all previous protections from 6G and 7G, along with updated rules and refinements.

Enabling the 6G, 7G, or 8G Firewall in RunCloud

Enabling these server-level firewalls is a straightforward process within the RunCloud dashboard. Follow these simple steps:

  1. Log in to your RunCloud dashboard, select the server, and then the specific web application for which you want to enable the firewall.
  2. In the left-hand menu, select NGINX Config.
  1. Click Add a New Config.
  2. Under Predefined Configurations, open the dropdown list and select the desired firewall version (for example, WordPress – 8G Firewall).
  1. Review the configuration, then click Save Config to deploy the new rules.

Using the NGINX Firewall with Application-Level Security

While the NGINX firewall significantly enhances security, it is not a replacement for application-level tools such as Wordfence or Patchstack. These firewalls serve different but complementary purposes within a defense-in-depth strategy.

  • NGINX firewall (server-level protection): Blocks most malicious requests before they reach your application, reducing load and exposure.
  • Application firewall (application-level protection): Understands your web application’s logic and blocks advanced threats that bypass general server rules.

Using both creates a layered security model that provides stronger, more resilient protection than either alone.

If you have any other questions or need help – please feel free to get in touch with our 24/7 support team. We’re here to help!