Blibli

Cloudflare Zero Trust solutions secure Blibli’s infrastructure for a frictionless online shopping experience

With a population of over 273 million, Indonesia is one of the world's fastest-growing consumer markets, with ecommerce revenues growing nearly 20 percent annually. Amidst significant regional and international competition, locally-owned Blibli is one of the country’s top five online retailers.

Founded in 2011, Blibli maintains a strong following with Indonesia’s most affluent consumers, a demographic expected to double from 9 percent to 21% of the population by 2030. Offering unmatched quality is Blibli’s key strategy — in a market where counterfeit goods are common, Blibli guarantees their inventory and brand name products are genuine. They offer a no-question, money-back return policy on everything they sell. As a result, Blibli customers are more likely to make their higher-value transactions on the Blibli platform than through competing channels.

Challenge: Maintaining a reliable consumer marketplace in a threat-heavy online environment

Blibli faced several challenges — some common to online enterprises and some exclusive to Indonesia. The company’s primary pain points were competitor-driven DDoS and bot attacks and a fragile payment gateway.

“To conduct payment in Indonesia, Blibli payment gateway service needs a direct connection with the bank,” explains Rendra. “It can’t reside in the cloud. We need to maintain an on-premise payments infrastructure and keeping that infrastructure secure is one of our top priorities.”

Blibli needs threat protection above current Indonesia IXP can provide. Blibli site and payment gateway were particularly vulnerable to deliberate volumetric DDoS attacks. The attacks occurred during major promotions and advertised online events, leaving Blibli customers unable to complete payments even though they were able to put things in their carts. Blibli was losing revenue and brand reputation.

In addition to DDoS attacks, malicious bots strained Blibli’s hosting infrastructure, increased bandwidth costs due to traffic spikes, made products unavailable by hoarding inventory, and skewed expenses with unusually high off-peak traffic volumes. Blibli needed to ensure they could process customer transactions without any interruptions.

Finally, Blibli sought to improve security and governance over their internal infrastructure and gain more granular control over employee access. “Achieving a Zero Trust infrastructure was always part of the plan,” explains Rendra. “But the pandemic pushed us to quickly find a solution that allowed our employees to work securely from home.”

Securing on-premise payment systems against DDoS attacks with Cloudflare Magic Transit

In 2019, Blibli moved to Cloudflare. “Our previous solution was difficult to use, time-consuming to configure, and slow to propagate changes. It also wasn’t very effective,” relates Rendra. “Cloudflare is a much more agile solution — we make changes often and see them reflected immediately. The Cloudflare dashboard is also much more user-friendly because it is designed to be used by anyone, not just security experts and CDN specialists.”

With several major events planned and DDoS attacks surging, Rendra and the Blibli team implemented Cloudflare Magic Transit — the secure managed networking solution that operates on layers 3 and 4. The goal was to ensure their payment infrastructure and network assets were safeguarded using private network interconnects. Before implementing Magic Transit, Rendra and his team spent a significant amount of time and resources reactively, rather than proactively, combatting attacks.

“Magic Transit was our savior. During the emergency onboarding, Cloudflare engineers secured our infrastructure very rapidly,” explains Rendra. “We worked together to determine what kind of traffic we would let through and what we wouldn’t. Now it just works seamlessly — when attacks happen, we monitor them from the dashboard and carry on with our work day.”

Blibli configured Magic Transit and Cloudflare Network Firewall in under 48 hours, effectively mitigating the ongoing DDoS attacks and helping them gain critical network visibility. “Since then, it hasn’t required much additional attention at all. It is easy to create firewall rules and immediately deploy them when we see something happening or when we get intelligence that an attack will occur soon.”

Cloudflare has created a better experience for Blibli users and the security team. “With Magic Transit in place, we can honor our SLAs (Service Level Agreements) for event tickets and ensure our customers a failure-free shopping experience,” he says, “When management announces an event and asks me about our security landscape, I can say with complete peace of mind, “We got this. We are good to go.”

Cloudflare Bot Management stops malicious inventory blocking and reduces network costs

With their DDoS issues resolved, Blibli focused on implementing Cloudflare Bot Management to monitor automated activity on their domains and block attempts to hoard inventory.

“We were concerned about blocking beneficial traffic like Google and price comparison sites that provide us with positive exposure,” says Rendra. “Using Cloudflare Bot Management, we can identify and allow good bot traffic while using Rate Limiting on login post requests to stop application-layer attacks on our pages.”

Blibli also relies on Cloudflare threat intelligence and JA3 fingerprint identification to combat unwanted traffic. Overall, Cloudflare has reduced bot activity on Blibli domains by over 35%, resulting in corresponding savings on infrastructure costs without impeding organic search rankings or useful third-party links.

Cloudflare Zero Trust secures Blibli’s workforce

The Covid-19 pandemic not only forced Blibli to transition to remote work but also to keep up with increased demand for goods online. Blibli’s distributed employees and partners needed more secure, efficient ways to connect to their corporate applications and the Internet to remain productive and serve their growing customer base.

Blibli turned to Cloudflare Zero Trust to proactively address their remote work security needs. Blibli rolled out Cloudflare’s Zero Trust Network Access (ZTNA) solution to apply granular, identity-based access controls for priority users who interact with sensitive data in internal applications. Over time, Blibli plans to extend these Zero Trust controls to several hundred more users and a broader range of resources, including SaaS apps and legacy apps hosted in private IP spaces.

Blibli appreciates how easy Cloudflare made it to secure applications, deploy a device client, and set up policies.

“We wanted to accelerate our Zero Trust plan, but we did not want to substantially increase overhead by adding extra appliances or setting up dedicated services,” Rendra said. “Cloudflare Zero Trust fit the bill perfectly. It was easy to integrate into our infrastructure and connect to our portfolio of applications.”

From now on, the Blibli security and IT teams are thinking proactively about better protecting their devices and data while users browse the Internet. One early step will be layering Secure Web Gateway (SWG) capabilities such as DNS & HTTP filtering and inspection to protect users from online threats like phishing and ransomware. In the long term, Blibli is exploring ways to leverage Cloudflare’s Browser Isolation to insulate users from untrusted web content further and protect data that users interact with in their browsers.

Cloudflare solutions and support are central to Blibli’s continued growth in Indonesia. “The Cloudflare engineering team is always there to help us ensure our rules are set up right,” says Rendra. “Cloudflare support is so effective that any organization can provide onboard the solution without much technical knowledge.”

“In the past, when zero-day threats arose, we were only aware of them following the vulnerability. Now, the Cloudflare team responds immediately, providing advice and mitigating attacks before going offline. It is the speed of that response that we appreciate.”