What is Stunnel and how do you configure it?
Here is another example of a more “exotic” Stunnel configuration. Most people, and rightly so, will ask “but why?”. Well, because we can!
Here is another example of a more “exotic” Stunnel configuration. Most people, and rightly so, will ask “but why?”. Well, because we can!
Here is another example of a more “exotic” Stunnel configuration. Most people, and rightly so, will ask “but why?”. Well, because we can!
With mTLS, the client is required to present its certificate to the server (and visa versa). Hence mutual certificate authentication occurs. This double layer of authentication provides an additional layer of protection against impersonation attacks.
TLS/SSL encryption of your HTTPS data brings a number of significant benefits, leading to a trusted user experience.
We've had a few concerned customers asking about the Google disclosure of the recent huge DDoS attack, and the potential underlying vulnerability in some HTTP/2 servers.
SSL/TLS termination is the most regularly implemented kind of SSL/TLS offload.
Data protection is focused on making sure that data remains available and immutable — even after a cybersecurity attack, or system failure. This prevents data loss and facilitates data recovery.
For Enterprise 8.9, Loadbalancer.org added a new SSL Terminator for HAProxy, allowing for mutual Transport Layer Security (mTLS) configurations.
If you're thinking about giving mTLS a go, why not try it for yourself by following the steps below.
Enhanced visibility for more efficient and secure ADC management.
There seems to be a lot of confusion about the role of a Web Application Firewall (WAF) in application security, and what types of threat a WAF can help mitigate in your deployment.
TLS encryption (formerly known as SSL encryption) is used to improve the safety of data exchanged over a network. But where should it sit in your network architecture?
Some network engineers think that Web Application Firewalls (WAFs) are so complicated, they've been known to run away and hide for days when they've encountered one.
The talk of the town at InfoSec 2023 was the evolving cyber security battleground, and the practical steps organizations might take in order to mitigate some of these threats.
The ModSecurity web application firewall (WAF) engine is set to go end-of-life (EOL) on 1 July 2024.
You need a clear, comprehensive view of your entire load balancing estate to maintain control and security.
It can sometimes be useful to make load balancing decisions based on the time and date. This allows you to conditionally refuse or redirect connections based on the time they're received.
There are two schools of thought on this: ‘yes, it should’ and ‘no, it shouldn't’. Let's look at the arguments both for and against.
Here's what we learned from crAPI about API security, and how a Web Application Firewall (WAF) can help you take things one step further.
Getting on board with zero trust is the easy part. Actually applying these principles to your architecture is less black and white.
I had the privilege of speaking in Dublin at this year's OWASP Core Rule Set Community Summit before then attending OWASP Global AppSec immediately afterwards.
We'd all rather prevent a disaster than have to live with the consequences of one.
Sometimes, we need to pass unusually large HTTP requests through our WAF stack.
A while ago I was asked if it would be possible to apply some general rate limiting in HAProxy and the WAF, in order to help prevent DOS-style attacks on a customer's servers.
F5 recently announced a critical security vulnerability, allowing an attacker to bypass its iControl REST authentication, and execute commands such as creating or deleting files and disabling services.
It is understandable that SysAdmins, DevOps, and most in the IT and Security Departments involved want to ensure all load balancers are fully patched and protected, given that our product plays an important role in their topology.