Skip to main content
Back to all posts

Security

Learn how to strengthen your infrastructure with Web Application Firewalls (WAF) and advanced security features. Perform SSL/TLS offloading and protect against application layer threats to ensure your critical systems are always compliant and protected.

Latest post

Finally, a simple way to convert MaxMind GeoIP Database files to the legacy DAT format!

PwnKit Vulnerability (CVE-2021-4034)

A local privilege escalation vulnerability was found on polkit's pkexec utility. It is a critical vulnerability because it gives full root privileges to any local user or attacker...

Security

ModSecurity DoS vulnerability (CVE-2021-42717)

All WAF vendors and services using ModSecurity are affected by this vulnerability (unless they have the vulnerable piece of code disabled, by chance)...

Open source Security WAF

Apache Log4j vulnerability CVE-2021-44228

The Apache Log4j utility is commonly used for logging requests by millions of Java applications to log error messages. However, recently the critical vulnerability CVE-2021-44228 was discovered in the Apache Log4j library...

Security Open source

What can we learn from the recent Facebook outage?

On the 4th October 2021, the social media giant Facebook experienced a global outage, affecting not only Facebook, but also Instagram and WhatsApp...

High Availability Security

Extending ModSecurity: How to add completely custom WAF functionality

In this example, I’m going to add a new transformation function to ModSecurity to calculate the Scrabble score of a variable. This will allow us to block HTTP requests containing query string parameters with a Scrabble score above a chosen threshold...

WAF Open source Security