Live chat

Denial Of Service

18th May 2015

in Denial Of Service

Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 – CVE-2015-1635)

Posted by Malcolm Turnbull 18th May in Denial Of Service

Microsoft quietly patched a fairly nasty little bug (MS15-034) in IIS last month: A simple HTTP request with an invalid range header field value to either kill IIS, reveal data or remotely execute code! We haven't seen one of these in a while and obviously you are safe if you have automatic security patching turned on. However, with our renewed focus on web application security, I thought this would be a good example to show how easy virtual patching is with the industry standard tools used in the Loadbalancer.org appliance.

Continue reading...
6th March 2015

in Denial Of Service

Simple Denial of Service DOS attack mitigation using HAProxy

Posted by Malcolm Turnbull 6th March in Denial Of Service

Denial of Service (DOS) attacks can be especially effective against certain types of web application. If the application is highly dynamic or database intensive it can be remarkably simple to degrade or cripple the functionality of a site. This blog article describes some simple methods to mitigate single source IP DOS attacks using HAProxy. I've described how you would implement the techniques using the Loadbalancer.org appliance but they are easily transferable to any HAProxy based cluster.

Continue reading...