Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

Articles

Sort results

US FEDERAL: Enabling Kerberos for Smartcard Authentication to Apache.

The following provides guidance on the configuration of BIG-IP Local Traffic Manager and Access Policy Manager in support of Apache Web Server Smartcard / Kerberos access using Active Directory as the Key Distribution Center.  This content is... Read more
2 Reviews

Mitigating The Apache Struts ClassLoader Manipulation Vulnerabilities Using ASM

Background Recently the F5 security research team has witnessed a series of CVE’s created for the popular Apache Struts platform. From Wikipedia: Apache Struts was an open-source web application framework for developing Java EE web applications.... Read more
0 Reviews

F5 Friday: Zero-Day Apache Exploit? Zero-Problem

#infosec A recently discovered 0-day Apache exploit is no problem for BIG-IP. Here’s a couple of different options using F5 solutions to secure your site against it. It’s called “Apache Killer” and it’s yet another example of exploiting not a... Read more
0 Reviews

How To Limit URI Length Without Recompiling Apache

Use network-side scripting, of course! While just about every developer and information security professional knows that a buffer-overflow exploit can result in the execution of malicious code not many truly grok the “why”. Fortunately, it’s not... Read more
0 Reviews

Scaling AJAX Applications is More About Architecture than Apache

Scaling applications that include AJAX and non-AJAX components may require more than just tuning your web server  A common problem after deploying a Web 2.0 AJAX-based application shows itself through poor performance or lower capacity on... Read more
0 Reviews

If Your Users See an HTTP Error Code You’re Doing It Wrong

There is no reason in a modern web application for users to see a white error page Sightings of the Twitter “fail whale” are, these days, fewer and far between. That’s a good thing. What’s interesting is that when it does show up, users are... Read more
0 Reviews

I Can Has UR .htaccess File

Notice that isn’t a question, it’s a statement of fact Twitter is having a bad month. After it was blamed, albeit incorrectly, for a breach leading to the disclosure of both personal and corporate information via Google’s GMail and Apps, its... Read more
0 Reviews

Automatically Removing Cookies

Using network-side scripting to remove client-side cookies @quine overhead an interesting question that he offered via Twitter regarding cookies and BIG-IP. Specifically someone was wondering whether BIG-IP automatically removes cookies from the... Read more
Average Rating: 4.9
3 Reviews

I am wondering why not all websites enabling this great feature GZIP?

Understanding the impact of compression on server resources and application performance While doing some research on a related topic, I ran across this question and thought “that deserves an answer” because it certainly seems like a no-brainer.... Read more
1 Review

Using Resource Obfuscation to Reduce Risk of Mass SQL Injection

One of the ways miscreants locate targets for mass SQL injection attacks that can leave your applications and data tainted with malware and malicious scripts is to simply seek out sites based on file extensions. Attackers know that .ASP and .PHP... Read more
0 Reviews

2.5 bad ways to implement a server load balancing architecture

I'm in a bit of mood after reading a Javaworld article on server load balancing that presents some fairly poor ideas on architectural implementations. It's not the concepts that are necessarily wrong; they will work. It's the... Read more
0 Reviews

How to prevent content theft using Apache mod_rewrite or F5 iRules

Over the years imaginative developers have come up with a number of ways through which they hope to stop the pilfering of their images. Whether due to copyright issues or the increased bandwidth and associated costs resulting from "hot... Read more
1 Review

4 reasons not to use mod_security

Apache is a great web server if for no other reason than it offers more flexibility through modules than just about any other web server. You can plug-in all sorts of modules to enhance the functionality of Apache. But as I often say, just because... Read more
0 Reviews

DevCentral Top5 7/11/2008

After a Friday off for the holiday here in the states, we're back at it again, and DevCentral is as busy as ever.  There's been some great content and some really fantastic banter alike on the site this week. Today we'll dive into... Read more
0 Reviews

3 Reasons not to use Apache mod_rewrite

After reading this discussion on Slashdot regarding an anti-virus agent pretending to be Internet Explorer and flooding sites with requests I waited to see a response come from an Apache fan on using mod_rewrite to detect and stop the flood of... Read more
0 Reviews

Using "X-Forwarded-For" in Apache or PHP

An issue that often comes up for users of any full proxy-based product is that the original client IP address is often lost to the application or web server. This is because in a full proxy system there are two connections; one between the client... Read more
Average Rating: 4.5
7 Reviews

Will 2008 be the year for C++?

I was trolling through my feeds this morning and saw the post "Developers Will Find C Applications Playing Surprisingly Strategic Role in 2008 with Multi-Core and SOA" Oh Realy? Not if Microsoft, Sun, IBM, BEA, Apache, or any othe... Read more
0 Reviews