19th October 2016

in Security

Blocking Japan with ModSecurity and Maxmind Lite

Posted by Theo Harvey 19th October in Security

Accessibility is the magic word for todays blog. If you’re lucky enough to run a website, then the whole world has access to it by default!
Now lets imagine that the website you’re running is targeted for a geographically specific customer base such as the USA. You get up one morning and decide to take a look at your web analytic reports, and find that Japan is where the second largest volume of traffic is coming from. At which point, you might start thinking about restricting traffic from specific countries that would only waste bandwidth on your server.

Continue reading...
9th November 2015

in Security

New PuTTY vulnerability “vuln-ech-overflow” identified – upgrade to 0.66 to protect your environment

Posted by Dave Saunders 9th November in Security

It has been identified that versions of PuTTY, PutTTYtel and pterm are vulnerable to potential exploit in the handling of ECH (erase characters), affecting versions 0.54 to 0.65. Upgrading to version 0.66 or patching your running version is advised to mitigate the vulnerability.

Continue reading...
3rd September 2015

in Business partner with Sucuri for cloud based WAF & DDOS protection

Posted by Andrew Zak 3rd September in Business

During the last year at we have spent a lot of time and effort researching WAF (Web Application Firewall) solutions. The integrated WAF in version 8 of the appliance has been designed for fast, low latency PCI-compliance for our customers. We also have several customers clustering commercial solutions (such as Imperva) behind our load balancer giving a much better WAF feature set + great performance and health monitoring.

Continue reading...
20th August 2015

in Business

It’s great to be v8

Posted by Dave Saunders 20th August in Business

As the evolution of continues, we are proud to present our latest software release, v8.0. New features such as the Web Application Firewall (WAF) spearheading our increased focus on security and various updates including an enhanced process for high availability appliance pairing , improved LBCLI, advancement of the web user interface (WebUI).

Continue reading...
18th May 2015

in Denial Of Service

Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 – CVE-2015-1635)

Posted by Malcolm Turnbull 18th May in Denial Of Service

Microsoft quietly patched a fairly nasty little bug (MS15-034) in IIS last month: A simple HTTP request with an invalid range header field value to either kill IIS, reveal data or remotely execute code! We haven't seen one of these in a while and obviously you are safe if you have automatic security patching turned on. However, with our renewed focus on web application security, I thought this would be a good example to show how easy virtual patching is with the industry standard tools used in the appliance.

Continue reading...
6th March 2015

in Denial Of Service

Simple Denial of Service DOS attack mitigation using HAProxy

Posted by Malcolm Turnbull 6th March in Denial Of Service

Denial of Service (DOS) attacks can be especially effective against certain types of web application. If the application is highly dynamic or database intensive it can be remarkably simple to degrade or cripple the functionality of a site. This blog article describes some simple methods to mitigate single source IP DOS attacks using HAProxy. I've described how you would implement the techniques using the appliance but they are easily transferable to any HAProxy based cluster.

Continue reading...
17th November 2014

in Security

STunnel Cipher List and Qualys SSL Labs Testing

Posted by Andrei Grigoraş 17th November in Security

Chasing that eternally moving target that is an A+ from Qualys’ SSL scanner? Well, you’ve found the correct Blog!

Continue reading...
Live chat
› Operator: Theo › Theo: Can I help you?
Click here to chat |