Security - Founded on open source, enhanced with our web application firewall and user protection.
What can we learn from the recent Facebook outage?
On the 4th October 2021, the social media giant Facebook experienced a global outage, affecting not only Facebook, but Instagram and WhatsApp.
Extending ModSecurity: How to add completely custom WAF functionality
ModSecurity is a web application firewall that we use to power our product’s WAF functionality. Here I outline, step-by-step, how to customize this.
Announcing CVE-2021-35368: OWASP ModSecurity Core Rule Set Bypass
How Loadbalancer.org identified the CVE-2021-35368 vulnerability, and what it means for users.
Plan for the worst when it comes to critical IT systems...
No IT system is ever designed to fail. But they can - and they do. So how can you protect your critical IT systems and servers, to ensure high availability and guarantee zero downtime? Why do systems fail? In a world where tech is constantly evolving, it’s impossible to
ModSecurity and the Case of the Never Decreasing Variables
Learn more about our method to implement a more robust solution for deprecating counters in ModSecurity WAF.
How to train your Web Application Firewall (WAF)
Training a WAF can be difficult - but not impossible. Find out how we recommend doing it, and how our tools make the whole process easier.
Secure connections: encrypt, inspect and decrypt traffic when using a WAF
Protect both web servers and users, with this combination of layers and tools.
How to tackle bugs and vulnerabilities – a solutions architect’s opinion
Dealing with bugs and vulnerabilities is quite common in the tech space. Aaron West, the head of Solutions at Loadbalancer.org shares some insights about our approach of tackling such issues, and more.
Healthcare IT should listen to Amazon's Werner Vogels: “Dance Like Nobody’s Watching. Encrypt Like Everyone Is”
Find out why Werner Vogels' comments ring especially true for healthcare data.
Update on HAproxy HTTP/2 HPACK Decoder Vulnerability (2 April 2020)
A critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above has been discovered. This does not impact the majority of Loadbalancer.org customers.
SACK Panic: What is it, and is it actually time to panic?
Four closely related vulnerabilities regarding TCP handling in the Linux and FreeBSD kernels were publicly disclosed on 17 June 2019. Dubbed as “SACK Panic”, the main vulnerability can cause a Linux operating system to crash under specific conditions. UPDATE: Loadbalancer.org recommend that you update to v8.3.8 or
Huawei root access is BAD! VERY, VERY BAD: Or, how we reasoned ourselves out of root access by default
As you probably know, the notorious Chinese tech company was blacklisted by Google on the instructions of the Trump administration. All this high-profile paranoia about security got me thinking about our approach to the subject as we prepare to release v8.3.7 of the load balancer appliance...
How do I secure my load balancer with Active Directory, LDAP or RADIUS?
I’ve noticed a lot more of our customers are asking to use their Active Directory login details with the load balancer appliance. And it can get a bit fiddly, so I wanted to write a blog to explain the process in more detail. Why use centralized authentication? Better security,
FTPS Implicit vs FTPS Explicit: Who will win?
“Load balancing FTP can be loads of fun for system and network administrators alike!” - said nobody ever. Implementation of FTP and configuration of your firewalls can be cumbersome, especially when it comes to being secure during your file transfer. The downside to an FTP connection is that the data
Why use a WAF? Because what doesn't kill you makes you stronger
Find out how Web Application Firewalls, or WAFs, protect web-based applications from common vulnerabilities.
New year, new vulnerability: HAProxy critical security update
The Christmas tree is still up, you’ve barely swept away the used party poppers and champagne corks from your New Year celebrations - and already, there’s a new security issue to be aware of. A vulnerability has been found which could enable a hacker to crash HAProxy when
Brute force login: Simple protection techniques with the ModSecurity WAF
The web-based login to your application is a juicy target for hackers. And once they get past the login, they can cause you some serious pain. If you have a WAF (Web Application Firewall), though, the problem is pretty easy to mitigate — even when it's a distributed attack. Am I
Darktrace: When looks aren't everything
These are scary times when it comes to cybersecurity. Following on from high-profile breaches at Equifax, British Airways, Ticketmaster, Newegg and more, it’s not surprising that companies are prepared to pay top dollar for the very best in security software. What does the very best look like? Well, it
HAProxy critical security update — to avoid simple(ish) DoS attack (20 September 2018)
A critical security issue has been found in HAProxy, leaving certain systems vulnerable to remote attack. We want to keep you informed, and we understand that this news might cause you some anxiety. But be reassured - most of our customers won’t be affected.
Let's Encrypt — how did we survive without it?
Let’s Encrypt is awesome! Not only is it more secure than your existing certificate authority. It's also reliable, scalable, fully automated — and free!
FC Barcelona choose Loadbalancer.org in AWS for flexibility and security
FC Barcelona, known simply as Barcelona and colloquially as Barça, is one of the world's leading professional football clubs. In their native Spain Barça have won 25 La Liga, 30 Copa del Rey, 13 Supercopa de España, 3 Copa Eva Duarte and 2 Copa de la Liga trophies, as well
How to add Cloudflare in front of HAProxy
What is Cloudflare? Cloudflare provides a content delivery network (CDN). A CDN is a worldwide network of servers that delivers web content to clients based on the geographic location of the client. Using the Cloudflare network in front of any website can add extra security and performance. Cloudflare works as
Load Balancing Apache Web Servers with OWASP Top 10 WAF in Azure
This blog will provide a quick start guide on how to load balance Apache Web Servers and configure a WAF using the Enterprise Azure Loadbalancer.org Azure cloud appliance. • The WAF addresses the OWASP Top 10 vulnerabilities and is very quick and simple to deploy. • SSL offload is handled by
Security through obscurity - double login protection made easy...
Security through obscurity is not a great idea when it is your ONLY protection technique. For example moving your SSH port from 22 -> 23 won't fool any hackers for long! However, I've always liked putting a 'double login' in front of important web sites to frustrate simple automated hacking tools.
Client Certificate Authentication with HAProxy
Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate.