Open Source - Proud to be part of the open source community.
Extending ModSecurity: How to add completely custom WAF functionality
ModSecurity is a web application firewall that we use to power our product’s WAF functionality. Here I outline, step-by-step, how to customize this.
Announcing CVE-2021-35368: OWASP ModSecurity Core Rule Set Bypass
How Loadbalancer.org identified the CVE-2021-35368 vulnerability, and what it means for users.
Plan for the worst when it comes to critical IT systems...
No IT system is ever designed to fail. But they can - and they do. So how can you protect your critical IT systems and servers, to ensure high availability and guarantee zero downtime? Why do systems fail? In a world where tech is constantly evolving, it’s impossible to
Open source versus proprietary load balancers
Should you invest in a proprietary load balancer from one of the market leaders like F5? Or should you take a chance on open source load balancing software?
How to install and configure HAProxy on RHEL 7
Follow our clear instructions if you want to use HAProxy with Red Hat Enterprise Linux.
Open source software: myth-busting, business benefits and FOSDEM '21
Open source software plays an intrinsic part in our foundations –watch our roundtable chat to learn what that means, and how it benefits our customers.
ModSecurity and the Case of the Never Decreasing Variables
Learn more about our method to implement a more robust solution for deprecating counters in ModSecurity WAF.
NGINX and X-Forwarded-For Header (XFF)
The X-Forwarded-For Header is a simple yet powerful solution to a very common problem. I'm not sure why, but for some reason it also seems to cause a lot of confusion. NGINX is often deployed as a cluster behind a layer 7 load balancer (Reverse Proxy). Being a proxy implementation,
Loadbalancer.org releases Open Source SNMP MIB and Agent for HAProxy
We’re always keen to give back to the community that writes such great software – our new SNMP agents and MIBs for HAProxy make monitoring your Virtual Services and Real Servers a breeze.
How to tackle bugs and vulnerabilities – a solutions architect’s opinion
Dealing with bugs and vulnerabilities is quite common in the tech space. Aaron West, the head of Solutions at Loadbalancer.org shares some insights about our approach of tackling such issues, and more.
How to load balance VMware's AirWatch Mobile Access Gateway (MAG) and Secure Email Gateway (SEG) with HAProxy
Want to configure a load balancer for VMware's AirWatch Mobile Access Gateway (MAG) and Secure Email Gateway (SEG)? Let's help you out.
Update on HAproxy HTTP/2 HPACK Decoder Vulnerability (2 April 2020)
A critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above has been discovered. This does not impact the majority of Loadbalancer.org customers.
Anatomy of a partnership: Working and learning with Smoothwall
Loadbalancer.org’s evolving approach to partnerships reflects what’s at the heart of our ethos. The human element builds understanding, and the better we can understand our partners, the better we can meet their needs.
A modern Feedback Agent for HAProxy
We recently released a completely rewritten version of our Windows Feedback Agent for HAProxy. This blog sets out to explore the issues caused by the previous Feedback Agent, and more importantly why the new Feedback Agent is better. Where can I get it? (Updated 05/11/2018) As always the
How to write an external health check script for HAProxy
There's a saying you've probably heard: "Give a man a fish, and you feed him for a day. Teach a man to fish, and you feed him for a lifetime." Health checks are an important part of load balancing your application, and in many other circumstances too. We
New year, new vulnerability: HAProxy critical security update
The Christmas tree is still up, you’ve barely swept away the used party poppers and champagne corks from your New Year celebrations - and already, there’s a new security issue to be aware of. A vulnerability has been found which could enable a hacker to crash HAProxy when
Does the new multi-threaded support in HAProxy finally solve the 10G problem?
The best thing about HAProxy is its single process event driven architecture. It gives amazing performance in most real world scenarios and happily saturates gigabit+ networks... But the single process design is also the worst thing about HAProxy, because until now the way of scaling to 10G+ has been to
How to add Cloudflare in front of HAProxy
What is Cloudflare? Cloudflare provides a content delivery network (CDN). A CDN is a worldwide network of servers that delivers web content to clients based on the geographic location of the client. Using the Cloudflare network in front of any website can add extra security and performance. Cloudflare works as
Highly Available NFS based Kerberos KDC aka. Ganesha + GlusterFS + HAProxy.
Load balancing NFS is a real pain — especially when it comes to the locked mounts issue. In this blog I'll explain how to create a highly available NFS server for Kerberos.
Breaking HAProxy with the help of a Spirent Avalanche and lots of very small packets...
HAProxy is awesome. So awesome in fact, that here at Loadbalancer.org HQ - I find it very difficult to generate enough load to break it...so let's try harder!
Client Certificate Authentication with HAProxy
Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate.
How to stop web form spam — use a simple honey pot trap in ModSecurity...
How frustrating do you find it when hackers or robots fill in your website forms with "Buy Viagra Now!" type spam?
GSLB — Why Global Server Load Balancers don’t always suck? (Polaris-GSLB) Part 2
In part one we were introduced to Polaris-GSLB which is a cool little open source GSLB solution, we went through a simple use case scenario and discussed the features it supports. In part two of this Blog I’m going to show you how to build Polaris-GSLB on CentOS 7.
GSLB – Why Global Server Load Balancers don't always suck? (Polaris-GSLB)
Here at Loadbalancer.org we’re not known for being huge fans of GSLB solutions as some of our customers may already know and you can see from a previous blog : [GSLB – Why Do Global Server Load Balancers Suck?](http://www.loadbalancer.org/blog/gslb-why-do-global-server-load-balancers-suck)
Blocking Japan with ModSecurity and Maxmind Lite
Accessibility is the magic word for todays blog. If you’re lucky enough to run a website, then the whole world has access to it by default! Now lets imagine that the website you’re running is targeted for a geographically specific customer base such as the USA. You get