Skip to main content
Back to all posts

Open source

The open source community is second to none

Latest post

ENVOY Proxy versus Loadbalancer.org: Why storage vendors need purpose-built load balancing for S3, NFS, and SMB

ModSecurity DoS vulnerability (CVE-2021-42717)

All WAF vendors and services using ModSecurity are affected by this vulnerability (unless they have the vulnerable piece of code disabled, by chance)...

Open source Security WAF

Apache Log4j vulnerability CVE-2021-44228

The Apache Log4j utility is commonly used for logging requests by millions of Java applications to log error messages. However, recently the critical vulnerability CVE-2021-44228 was discovered in the Apache Log4j library...

Security Open source

Extending ModSecurity: How to add completely custom WAF functionality

In this example, I’m going to add a new transformation function to ModSecurity to calculate the Scrabble score of a variable. This will allow us to block HTTP requests containing query string parameters with a Scrabble score above a chosen threshold...

WAF Open source Security

Open source versus proprietary load balancers

Should you invest in a proprietary load balancer from one of the market leaders like F5? Or should you take a chance on open source load balancing software?..

Open source

NGINX and X-Forwarded-For Header (XFF)

The X-Forwarded-For Header is a simple yet powerful solution to a very common problem. I'm not sure why, but for some reason it also seems to cause a lot of confusion...

Open source How-tos Integrations