Open source
The open source community is second to none
HAProxy
How to configure HAProxy's Proxy Protocol with Squid
A customer asked me the other day how to set up Squid Proxy Protocol on their Loadbalancer appliance...
Open source
See who's really visiting your website: Achieving IP transparency with the Proxy Protocol
There are a few different ways to achieve IP transparency, but one of the most effective is with the help of the great Proxy Protocol...
Open source
What is Stunnel and how do you configure it?
Here is another example of a more “exotic” Stunnel configuration. Most people, and rightly so, will ask “but why?”. Well, because we can!..
WAF
Why you shouldn't lose sleep over the commercial end-of-life of ModSecurity
The ModSecurity web application firewall (WAF) engine is set to go end-of-life (EOL) on 1 July 2024...
Open source
Why is public cloud potentially a bad idea from a programmer's perspective?
Cloud may be a developers best friend, but it can also be a programmer's worst enemy...
Security
What can we learn from the recent F5 security vulnerability?
F5 recently announced a critical security vulnerability, allowing an attacker to bypass its iControl REST authentication, and execute commands such as creating or deleting files and disabling services...
Open source
Navigating the open source journey: When free is awesome, and why commercial solutions have their place
At Loadbalancer.org, our heroes are open source. And for good reason. Open source software plays an intrinsic part in our company, products, and services...
Security
DoS vulnerability in OpenSSL related to certificate parsing (CVE-2022-0778)
Customers with manually configured, custom client authentication deployments (rare) or using “re-encrypt to backend” to communicate with untrusted third-party servers (very rare) may be impacted...
Open source
ModSecurity DoS vulnerability (CVE-2021-42717)
All WAF vendors and services using ModSecurity are affected by this vulnerability (unless they have the vulnerable piece of code disabled, by chance)...
Events
The importance of outreach: Introducing students to load balancing
A recent visit to Southampton Solent University...
Security
Apache Log4j vulnerability CVE-2021-44228
The Apache Log4j utility is commonly used for logging requests by millions of Java applications to log error messages. However, recently the critical vulnerability CVE-2021-44228 was discovered in the Apache Log4j library...
WAF
Extending ModSecurity: How to add completely custom WAF functionality
In this example, I’m going to add a new transformation function to ModSecurity to calculate the Scrabble score of a variable. This will allow us to block HTTP requests containing query string parameters with a Scrabble score above a chosen threshold...
Open source
Announcing CVE-2021-35368: OWASP ModSecurity Core Rule Set Bypass
In early June 2021, I identified a request body bypass vulnerability in the OWASP ModSecurity Core Rule Set (CRS). Loadbalancer.org appliances themselves are unaffected...
Open source
Open source versus proprietary load balancers
Should you invest in a proprietary load balancer from one of the market leaders like F5? Or should you take a chance on open source load balancing software?..
How-tos
How to install and configure HAProxy Layer 7 on Red Hat Linux
Control how HAProxy will be started, stopped, restarted, reloaded, or monitored...
Open source
Open source software: myth-busting, business benefits and FOSDEM '21
At the end of the day open source is really about having access to the source code for your tools and programs, to do whatever you want to do with it...
Open source
ModSecurity and the Case of the Never Decreasing Variables
In the world of web application security, it can be invaluable to consider a user's behaviour across the entire duration of their web app session...
Open source
NGINX and X-Forwarded-For Header (XFF)
The X-Forwarded-For Header is a simple yet powerful solution to a very common problem. I'm not sure why, but for some reason it also seems to cause a lot of confusion...
HAProxy
Loadbalancer.org releases Open Source SNMP MIB and Agent for HAProxy
We’re always keen to give back to the community that writes such great software – our new SNMP agents and MIBs for HAProxy make monitoring your Virtual Services and Real Servers a breeze...
Open source
How to tackle bugs and vulnerabilities – a solutions architect’s opinion
Dealing with bugs and vulnerabilities is quite common in the tech space. Aaron West, the head of Solutions at Loadbalancer.org shares some insights about our approach of tackling such issues, and more...
Open source
How to load balance VMware's AirWatch Mobile Access Gateway (MAG) and Secure Email Gateway (SEG) with HAProxy
Want to configure a load balancer for VMware's AirWatch Mobile Access Gateway (MAG) and Secure Email Gateway (SEG)? Let's help you out...
Security
Update on HAproxy HTTP/2 HPACK Decoder Vulnerability (2 April 2020)
A critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above has been discovered. This does not impact the majority of Loadbalancer.org customers...
Open source
Anatomy of a partnership: Working and learning with Smoothwall
We were delighted last week to host Smoothwall for a day with our team. Fuelled by coffee and Krispy Kreme doughnuts, our discussions helped us learn from one another so that we can work together even more effectively...
HAProxy
How to write an external health check script for HAProxy
Loadbalancer.org were the original sponsors of the external health check mechanism in HAProxy. We think it's an invaluable tool when you need something a bit special...