Security - Founded on open source, enhanced with our web application firewall and user protection.

How resilient is your network?

How can we safely deal with very large HTTP requests when working with a WAF?

If exploited, the F5 CVE-2022-1388 vulnerability can lead to a full system takeover.

Detail on Spring Framework vulnerabilities CVE-2022-22963 and CVE-2022-22965.

The vulnerability affects OpenSSL’s BN_mod_sqrt() function which can get stuck in an infinite loop.

Details of the PwnKit vulnerability.

The implications of the recent ModSecurity vulnerability on open-source Web Application Firewalls.

This powerful piece of hardware can aggregate multiple web filters together to meet huge throughput demands.

Here we outline our new, simplified WAF offering, for easier configuration and superior web application security, using the core rule set v3.

This critical vulnerability (that does not impact our products) could be a major headache, so it is crucial to check all of your applications to see if they are affected.

On the 4th October 2021, the social media giant Facebook experienced a global outage, affecting not only Facebook, but Instagram and WhatsApp.

ModSecurity is a web application firewall that we use to power our product’s WAF functionality. Here I outline, step-by-step, how to customize this.

How Loadbalancer.org identified the CVE-2021-35368 vulnerability, and what it means for users.

No IT system is ever designed to fail. But they can - and they do. So how can you protect your critical IT systems and servers, to ensure high availability and guarantee zero downtime? Why do systems fail? In a world where tech is constantly evolving, it’s impossible to

Learn more about our method to implement a more robust solution for deprecating counters in ModSecurity WAF.

Training a WAF can be difficult - but not impossible. Find out how we recommend doing it, and how our tools make the whole process easier.

Protect both web servers and users, with this combination of layers and tools.

Dealing with bugs and vulnerabilities is quite common in the tech space. Aaron West, the head of Solutions at Loadbalancer.org shares some insights about our approach of tackling such issues, and more.

Find out why Werner Vogels' comments ring especially true for healthcare data.

A critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above has been discovered. This does not impact the majority of Loadbalancer.org customers.

Four closely related vulnerabilities regarding TCP handling in the Linux and FreeBSD kernels were publicly disclosed on 17 June 2019. Dubbed as “SACK Panic”, the main vulnerability can cause a Linux operating system to crash under specific conditions. UPDATE: Loadbalancer.org recommend that you update to v8.3.8 or

As you probably know, the notorious Chinese tech company was blacklisted by Google on the instructions of the Trump administration. All this high-profile paranoia about security got me thinking about our approach to the subject as we prepare to release v8.3.7 of the load balancer appliance...

I’ve noticed a lot more of our customers are asking to use their Active Directory login details with the load balancer appliance. And it can get a bit fiddly, so I wanted to write a blog to explain the process in more detail. Why use centralized authentication? Better security,

“Load balancing FTP can be loads of fun for system and network administrators alike!” - said nobody ever. Implementation of FTP and configuration of your firewalls can be cumbersome, especially when it comes to being secure during your file transfer. The downside to an FTP connection is that the data

Find out how Web Application Firewalls, or WAFs, protect web-based applications from common vulnerabilities.