Security — No laughing matter

Find out why Werner Vogels' comments ring especially true for healthcare data.

A critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above has been discovered. This does not impact the majority of Loadbalancer.org customers.

Imagine you’re running a business and you often see malicious-looking web traffic from the other side of the globe hitting your website.

Four closely related vulnerabilities regarding TCP handling in the Linux and FreeBSD kernels were publicly disclosed on 17 June 2019.

As you probably know, the notorious Chinese tech company was blacklisted OK, so Trump didn't actually say that about Huawei. But, given his recent declaration, it wouldn't surprise me if he did.

I’ve noticed a lot more of our customers are asking to use their Active Directory login details with the load balancer appliance. And it can get a bit fiddly, so I wanted to explain the process in more detail.

What options do we have to ensure that our FTP connections are secure? Enter FTPS (file transfer protocol SSL), with a choice of two modes: FTPS implicit and FTPS explicit.

Our helpdesk often encounters confusion about Web Application Firewalls, or WAFs - what they are, how to use them, and what issues they can potentially cause.

An incorrect frame length check could result in a read-past-bound which can cause a crash.

The web-based login to your application is a juicy target for hackers. And once they get past the login, they can cause you some serious pain.

An engineer at a business using Darktrace, confessed that many IT staff ignored the pricey security software because it sent so many false alerts.

A critical security issue has been found in HAProxy, leaving certain systems vulnerable to remote attack. We want to keep you informed, and we understand that this news might cause you some anxiety. But be reassured - most of our customers won’t be affected.

Let’s Encrypt is awesome! Not only is it more secure than your existing certificate authority. It's also reliable, scalable, fully automated — and free!

With our 9 years expertise in making applications within AWS indestructible, Loadbalancer.org was able to provide FC Barcelona with an intelligent application delivery controller built on 15 years' worth of battle‑hardened software.

We have built upon our existing strengths in virtualized environments to become Nutanix certified, with the addition of support for Nutanix AHV positions.

Cloudflare provides a content delivery network (CDN). A CDN is a worldwide network of servers that delivers web content to clients based on the geographic location of the client.

In the Azure Management Portal, select the Virtual Machines option, click on the newly deployed Load Balancer VM, click on Network interfaces and then select the network interface attached to the load balancer, then click IP configurations and ensure that IP forwarding is Enabled.

The WAF addresses the OWASP Top 10 vulnerabilities and is very quick and simple to deploy.

Security through obscurity is not a great idea when it is your ONLY protection technique. For example moving your SSH port from 22 -> 23 won't fool any hackers for long! However, I've always liked putting a 'double login' in front of important web sites to frustrate simple automated hacking tools.

Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate.

SSL offload is handled by STunnel, while HAProxy handles back-end server re-encryption.

How frustrating do you find it when hackers or robots fill in your website forms with "Buy Viagra Now!" type spam?

The long and short of it is, there are updates to the Linux kernel and glibc packages which will 'fix' the issue

Different vendors have widely different opinions on which method should be used to deploy web filters or SWGs. Historically, vendors struggled to implement authentication in Transparent mode, and maybe they remember some awkward conversations with customers that chose the wrong method.

I am going to focus on how simple it is to mitigate it when using the SSL termination/offloading options available on a Loadbalancer.org appliance.