Knowledge Base | Security

Mitigating the SSL Beast Attack Using the ALOHA Load-Balancer / HAProxy
The BEAST attack on SSL isn't new, but we have not yet published an article explaining how to mitigate it with the ALOHA or HAProxy. First of all, to mitigate this attack, you must use the load balancer as the SSL endpoint, then just append the following parameter on...

Exchange Outlook Web Access (OWA) Cross-Site Request Forgery (CSRF) Protection
Outlook Web Access: Outlook Web Access is the webmail embedded in the Exchange mail server. It is used by users outside the office to get access to their emails. Unfortunately, some versions of OWA are affected by a CSRF attack. This vulnerability affects supported editions...

HTTP Request Flood Mitigation
In a recent article, we saw how we can use a load balancer as a first row of defense against DDOS. The purpose of the present article is to provide a configuration to protect your applications against HTTP request floods. The configuration below allows only 10 requests...

Use a Load Balancer as a First Row of Defense Against DDOS
We’ve recently seen more and more DOS and DDOS attacks. Some of them were very big, requiring thousands of computers... But in most cases, these kinds of attacks are made by a few computers aiming to make a service or website unavailable, either by sending it too many...

Web Traffic Limitation
Synopsis: For different reasons, we may want to limit the number of connections or the number of requests we allow to a web farm. For example: give more capacity to authenticated users compared to anonymous ones; limit web farm users per virtualhost; protect your website...

Fight Spam with Early Talking Detection
Synopsis: A good way to improve efficiency against spammers is to use early talking detection: you own an SMTP relay platform and you want to improve its efficiency on spam fighting; your current MTA has no early talking detection feature and you want to be able to add...

Protect Apache Against “Apache Killer” Script
What is Apache killer? Apache killer is a script which aims to exploit an Apache vulnerability. Basically, it makes Apache fill up the /tmp directory, which makes the web server unstable. Who is concerned? Anybody running a website on Apache. The Apache announcement. How...

Protect your Web Server Against Slowloris
Slowloris??? Slowloris is a script which opens TCP connections and sends HTTP headers very slowly to force web servers to keep connections open. Slowloris's purpose is to take all resources from one server for itself, preventing any regular browser from using the service....