Support End-to-End Encryption on the Web
The Wordfence Team would like to encourage website owners and Internet users to support end-to-end encryption on the Web. Today we are announcing that our official position is the following:
- Wordfence is a strong supporter of end-to-end encryption for the online community.
- We suggest that you avoid services that break end-to-end encryption by intercepting and decrypting traffic.
- We encourage website owners to implement HTTPS on their websites in a way that provides end-to-end encryption for their site visitors and customers.
- We encourage corporate network owners and CISOs to avoid products that perform HTTPS interception and break end-to-end encryption.
- We encourage site owners to avoid Cloud products that perform HTTPS interception and decryption, like Cloud WAFs.
What is end-to-end encryption?
When your web browser connects directly to a website using HTTPS, your connection is end-to-end encrypted. If the website is using a Cloud WAF or similar service that decrypts traffic to inspect it, your connection is not end-to-end encrypted because your traffic is decrypted at the cloud WAF, not at the website you are visiting.
Similarly if you are on an office network and the company is using an HTTPS interception product to secure the network, they are also decrypting your traffic before it reaches the destination. This is not end-to-end encryption.
End-to-end encryption never decrypts traffic between the browser and web server.
Why is end-to-end encryption important?
When your website visitors are visiting your site and see the green “Secure” indicator in their location bar with a lock icon, they have a reasonable expectation of privacy and security. Their expectation is that their communications are being conducted via HTTPS which verifies the identity of the server they are talking to and provides a secure communication channel from the browser to the web server.
Products that intercept HTTPS traffic break this security model without the website visitor realizing it. The site visitor continues to see the same security indicators in their web browser and are unaware that their connection is being intercepted and inspected.
In some cases the remote web server’s identity is no longer verified and error messages related to verification are hidden from the site visitor. The connection after the point of interception may also no longer be encrypted and the site visitor is also not made aware of this important fact.
How can I ensure that my website visitors have end-to-end encryption?
The good news is that providing end-to-end encryption is easy. Simply set up a website that uses HTTPS and don’t use any services that intercept traffic. A cloud WAF is an example of an HTTPS interception service.
If you use a CDN, ensure that you are serving static assets from the CDN and that you haven’t given the CDN your SSL key so that it can decrypt your customer traffic.
What are some of the problems with breaking end-to-end encryption?
Cloud WAF providers decrypt HTTPS traffic so that they can inspect it for exploits. The problems this introduces are:
- In some configurations they don’t re-encrypt the HTTPS traffic, leaving it to pass unencrypted over the internet.
- In some configurations they don’t verify the identity of the web server the visitor is communicating with and they hide this fact from the site visitor.
- In all configurations, traffic between a browser and website is decrypted for inspection on a server owned by a third party.
Corporate HTTPS interception products also decrypt HTTPS traffic to inspect it as part of a corporate security policy. This creates the similar problems which have been described in detail by the Software Engineering Institute at Carnegie Mellon University.
What are other experts saying?
US-CERT is the United States Computer Emergency Readiness Team. They are an organization within the US Department of Homeland Security. US-CERT has previously released Alert TA15-120A which explains how important it is to secure end-to-end communications. It also explains that when end-to-end encryption is broken, it enables potential MITM or man-in-the-middle attacks.
Yesterday US-CERT released Alert TA17-075A titled “HTTPS Interception Weakens TLS Security”. The alert includes:
“Many HTTPS inspection products do not properly verify the certificate chain of the server before re-encrypting and forwarding client data, allowing the possibility of a MiTM attack. Furthermore, certificate-chain verification errors are infrequently forwarded to the client, leading a client to believe that operations were performed as intended with the correct server.”
In Alert TA17-075A, US-CERT is referring to HTTPS interception products that are used on corporate networks. We extend this point of view to any HTTPS interception products, including cloud WAFs.
Wordfence is recommending that website owners move away from cloud WAFs.
Cloud WAFs are HTTPS interception products. They decrypt traffic and in some configurations they either don’t re-encrypt it, or they don’t perform certificate validation to verify the identity of the website being visited. This breaks end-to-end encryption.
Wordfence’s official position is that we don’t recommend our customers use cloud WAFs. Instead we recommend that you use an endpoint security product which is installed on the website itself and does not rely on breaking end-to-end encryption.
If you are using a cloud WAF, we recommend you eliminate the cloud WAF and provide full end-to-end encryption for your website visitors. If you need a site accelerator, use a CDN provider to speed up your site. You can find a large list of CDN providers here.
Very few websites are ever targeted using a DDoS attack, but if you feel you may be the target of a DDoS attack, you can choose a hosting provider that provides DDoS mitigation at the endpoint, like WPEngine or Hetzner. Your existing host may provide it.
At Wordfence, we aren’t opposed to cloud WAFs because we make an endpoint security product. We make an endpoint security product because we are opposed to cloud WAFs.
Building Wordfence as a firewall and malware scanner that runs on the WordPress website itself (the endpoint) was a conscious choice by our engineering team. Running on the endpoint lets us make better blocking decisions using data like user identity, which cloud WAFs don’t have. It also means that we don’t break end-to-end encryption for site visitors.
We have recently seen how intercepting and decrypting web traffic can have catastrophic effects when the decrypted data leaks onto the public internet through software errors. We believe that making a strong commitment to end-to-end encryption is the best way to ensure the privacy and security of the online community.
Mark Maunder – Wordfence Founder & CEO.