Chad Lavoie Chad Lavoie | Nov 9, 2018 | SECURITY, TECH
HAProxy’s high-performance security capabilities are utilized as a key line of defense by many of the world’s top enterprises. Application-layer DDoS attacks are aimed at overwhelming an application with requests or connections, and in this post we will show you how...
Chad Lavoie Chad Lavoie | Mar 24, 2017 | SECURITY
The Proxy protocol is a widely used invention of our CTO at HAProxy Technologies, Willy Tarreau, to solve the problem of TCP connection parameters being lost when relaying TCP connections through proxies. Its primary purpose is to chain proxies and reverse-proxies...
Baptiste Assmann Baptiste Assmann | Feb 10, 2016 | SECURITY, TECH
One of the biggest security challenges that companies face in today’s modern climate is the POST attack. Unlike a more traditional “Denial-of-Service” attack, POST attacks target a servers logical resources – making them particularly powerful...
Baptiste Assmann Baptiste Assmann | Jun 9, 2015 | SECURITY, TECH
SSL/TLS and HSTS SSL everywhere is on its way. Unfortunately, many applications were written for HTTP only and switching to HTTPs is not an easy and straight forward path. Read more here about impact of TLS offloading (when a third party tool perform TLS in front of...
Baptiste Assmann Baptiste Assmann | Oct 15, 2014 | SECURITY, TECH
SSLv3 poodle vulnerability Yesterday, Google security researchers have disclosed a new vulnerability on SSL protocol. Fortunately, this vulnerability is only on an old version of the SSL protocol: SSLv3 (15 years old protocol). An attacker can force a browser to...
Baptiste Assmann Baptiste Assmann | Sep 30, 2014 | SECURITY, TECH
Bash Shellshock vulnerability (CVE-2014-6271 and CVE-2014-7169) Last week, a vulnerability in bash has been discovered. It is possible, under some circumstances, to inject code into a bash shell script. It could be very dangerous if bash is used to process request...
