Security - Founded on open source, enhanced with our web application firewall and user protection.

On the 4th October 2021, the social media giant Facebook experienced a global outage, affecting not only Facebook, but Instagram and WhatsApp.

ModSecurity is a web application firewall that we use to power our product’s WAF functionality. Here I outline, step-by-step, how to customize this.

How Loadbalancer.org identified the CVE-2021-35368 vulnerability, and what it means for users.

No IT system is ever designed to fail. But they can - and they do. So how can you protect your critical IT systems and servers, to ensure high availability and guarantee zero downtime? Why do systems fail? In a world where tech is constantly evolving, it’s impossible to

Learn more about our method to implement a more robust solution for deprecating counters in ModSecurity WAF.

Training a WAF can be difficult - but not impossible. Find out how we recommend doing it, and how our tools make the whole process easier.

Protect both web servers and users, with this combination of layers and tools.

Dealing with bugs and vulnerabilities is quite common in the tech space. Aaron West, the head of Solutions at Loadbalancer.org shares some insights about our approach of tackling such issues, and more.

Find out why Werner Vogels' comments ring especially true for healthcare data.

A critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above has been discovered. This does not impact the majority of Loadbalancer.org customers.

Four closely related vulnerabilities regarding TCP handling in the Linux and FreeBSD kernels were publicly disclosed on 17 June 2019. Dubbed as “SACK Panic”, the main vulnerability can cause a Linux operating system to crash under specific conditions. UPDATE: Loadbalancer.org recommend that you update to v8.3.8 or

As you probably know, the notorious Chinese tech company was blacklisted by Google on the instructions of the Trump administration. All this high-profile paranoia about security got me thinking about our approach to the subject as we prepare to release v8.3.7 of the load balancer appliance...

I’ve noticed a lot more of our customers are asking to use their Active Directory login details with the load balancer appliance. And it can get a bit fiddly, so I wanted to write a blog to explain the process in more detail. Why use centralized authentication? Better security,

“Load balancing FTP can be loads of fun for system and network administrators alike!” - said nobody ever. Implementation of FTP and configuration of your firewalls can be cumbersome, especially when it comes to being secure during your file transfer. The downside to an FTP connection is that the data

Find out how Web Application Firewalls, or WAFs, protect web-based applications from common vulnerabilities.

The Christmas tree is still up, you’ve barely swept away the used party poppers and champagne corks from your New Year celebrations - and already, there’s a new security issue to be aware of. A vulnerability has been found which could enable a hacker to crash HAProxy when

The web-based login to your application is a juicy target for hackers. And once they get past the login, they can cause you some serious pain. If you have a WAF (Web Application Firewall), though, the problem is pretty easy to mitigate — even when it's a distributed attack. Am I

These are scary times when it comes to cybersecurity. Following on from high-profile breaches at Equifax, British Airways, Ticketmaster, Newegg and more, it’s not surprising that companies are prepared to pay top dollar for the very best in security software. What does the very best look like? Well, it

A critical security issue has been found in HAProxy, leaving certain systems vulnerable to remote attack. We want to keep you informed, and we understand that this news might cause you some anxiety. But be reassured - most of our customers won’t be affected.

Let’s Encrypt is awesome! Not only is it more secure than your existing certificate authority. It's also reliable, scalable, fully automated — and free!

FC Barcelona, known simply as Barcelona and colloquially as Barça, is one of the worlds leading professional football clubs. In their native Spain Barça have won 25 La Liga, 30 Copa del Rey, 13 Supercopa de España, 3 Copa Eva Duarte and 2 Copa de la Liga trophies, as well

What is Cloudflare? Cloudflare provides a content delivery network (CDN). A CDN is a worldwide network of servers that delivers web content to clients based on the geographic location of the client. Using the Cloudflare network in front of any website can add extra security and performance. Cloudflare works as

This blog will provide a quick start quide on how to load balance Apache Web Servers and configure a WAF using the Enterprise Azure Loadbalancer.org Azure cloud appliance. • The WAF addresses the OWASP Top 10 vulnerabilities and is very quick and simple to deploy. • SSL offload is handled by

Security through obscurity is not a great idea when it is your ONLY protection technique. For example moving your SSH port from 22 -> 23 won't fool any hackers for long! However, I've always liked putting a 'double login' in front of important web sites to frustrate simple automated hacking tools.

Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate.