ENVOY Proxy versus Loadbalancer.org: Why storage vendors need purpose-built load balancing for S3, NFS, and SMB
Envoy was never optimized for sustained, high-throughput, state-aware storage traffic across multiple protocols simultaneously...
Customers with manually configured, custom client authentication deployments (rare) or using “re-encrypt to backend” to communicate with untrusted third-party servers (very rare) may be impacted...
All WAF vendors and services using ModSecurity are affected by this vulnerability (unless they have the vulnerable piece of code disabled, by chance)...
A recent visit to Southampton Solent University...
The Apache Log4j utility is used by millions of Java applications to log requests and error messages. However, the critical vulnerability CVE-2021-44228 was recently discovered in the Apache Log4j library...
In this example, I’m going to add a new transformation function to ModSecurity to calculate the Scrabble score of a variable. This will allow us to block HTTP requests containing query string parameters with a Scrabble score above a chosen threshold...
In early June 2021, I identified a request body bypass vulnerability in the OWASP ModSecurity Core Rule Set (CRS). Loadbalancer.org appliances themselves are unaffected...
Controversial advice for anyone thinking of moving from HAProxy to a proprietary load balancer...
Should you invest in a proprietary load balancer from one of the market leaders like F5? Or should you take a chance on open source load balancing software?...
Control how HAProxy will be started, stopped, restarted, reloaded, or monitored...
At the end of the day, open source is really about having access to the source code for your tools and programs, to do whatever you want to do with it...
In the world of web application security, it can be invaluable to consider a user's behaviour across the entire duration of their web app session...
The X-Forwarded-For Header is a simple yet powerful solution to a very common problem. I'm not sure why, but for some reason it also seems to cause a lot of confusion...