Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology


Sort results

ThinkPHP 5.x Remote Code Execution Vulnerability

ThinkPHP is an open source PHP development framework for agile web application development. Recently, an unauthenticated remote code execution vulnerability was discovered in ThinkPHP... Read more
0 Reviews

Plesk Vulnerability

Recently we’ve witnessed another example of a relatively old and specific vulnerability come to life using a very common and wide spread application. In this case it was the CVE-2012-1823 vulnerability, being exploited using the Plesk admin... Read more
0 Reviews

How to Make mailto Safe Again

Using HTTP headers and default browser protocol handlers provides an opportunity to rediscover the usability and simplicity of the mailto protocol. Over the last decade it's become unsafe to use the mailto protocol on a website due to e-mail... Read more
0 Reviews

Why Is Reusable Code So Hard to Secure?

Being an efficient developer often means abstracting functionality such that a single function can be applied to a variety of uses across an application. Even as this decreases risk of errors, time to develop, and the attack surface necessary to... Read more
0 Reviews

Let Your ENUMs Do the Talking with CSS

When you’re dealing with conditional formatting of objects based on enumerated values you can eliminate conditional assignments by directly mapping your ENUMs to CSS classes. There are many cases where enumerated values are used to describe... Read more
0 Reviews

The List: iControl Languages, Libraries, and IDEs

Back in 2001 (wow – seems like yesterday!), F5 introduced the first-ever, open/Web services API for network devices called iControl. With it, it sparked a major shift in the way companies could look at integrating network devices with... Read more
0 Reviews

Using Resource Obfuscation to Reduce Risk of Mass SQL Injection

One of the ways miscreants locate targets for mass SQL injection attacks that can leave your applications and data tainted with malware and malicious scripts is to simply seek out sites based on file extensions. Attackers know that .ASP and .PHP... Read more
0 Reviews

DevCentral Top5 01/16/2009

I can't believe it's only the second week of this year's Top5 series. There are so many things going on that it feels like it's been weeks since I wrote last. I know the output to the site has only been bumped up marginally but... Read more
0 Reviews

Putting the network back in social networking

A while back Joe blogged about some Twitter integration he'd done around monitoring of BIG-IP. He's  got a PERL proxy that monitors the BIG-IP and sends out notifications and alerts to a specified Twitter account. But I wanted... Read more
0 Reviews

Understanding network-side scripting

We all understand the lines in the sand (or the architectural diagram) that separate client-side scripting from server-side scripting. It's very clear that client-side scripting, e.g. JavaScript, VBScript, ActionScript, executes on the client... Read more
0 Reviews

How AJAX can make a more agile enterprise

In general, we talk a lot about the benefits of SOA in terms of agility, aligning IT with the business, and risk mitigation. Then we talk about WOA (web oriented architecture) separately from SOA (service oriented architecture) but go on to... Read more
0 Reviews

Using "X-Forwarded-For" in Apache or PHP

An issue that often comes up for users of any full proxy-based product is that the original client IP address is often lost to the application or web server. This is because in a full proxy system there are two connections; one between the client... Read more
Average Rating: 4.5
7 Reviews

iControl and PHP: Updated

I'm working on something else that's sort of related to this subject and noticed that rpaan polished the PHP code for this article on using PHP and iControl. It's nice. Great stuff, rpaan, and THANKS! Imbibing: Water Read more
0 Reviews