Since launching our website performance testing tool we have been getting a lot of questions about how to improve the speed and performance of WordPress websites. Many website owners are not aware how slow their sites are, so we are excited to help shed some light on the matter. There are a number of different […]
Tag Archives: website firewall
IPv4 vs IPv6 Performance Comparison – Part 2
A few months ago, we posted an article about the difference between IPv4 and IPv6. Our research team has expanded on those findings with additional performance tests, more domains, and more locations. In addition to assessing the speed and performance, the analysis we are presenting today leverages statistical hypothesis tests to clearly identify winners and […]
SSH Brute Force Compromises Leading to DDoS
A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via SSH brute force attacks. We configured five cloud servers on Linode and Digital Ocean with the root password set to “password.” The idea was to see how long it would… […]
IoT Home Router Botnet Leveraged in Large DDoS Attack
We have been monitoring a large-scale Layer 7 HTTPS flood attack (i.e., application level DDoS) against a customer over the past few weeks. It is being distributed across 47,000 IP addresses and has been pushing over 120,000 HTTPS requests per second (RPS) to the website. Unlike volumetric attacks that target the network link (measured in… […]
IPv4 vs IPv6 Performance Comparison
IPv6 usage has been growing very slowly through the last 10 to 15 years. Since mid-2015 it started to pick up and increase adoption at a rapid pace. Google, for example, has been tracking their IPv6 usage since 2009 and it is beautiful to finally see some growth. As the number of available IPv4 addresses… […]
Browser/OS Statistics From Half Billion Blocked Attacks
The need to make better sense of markets is paramount to the way businesses are run and decisions are made. We see this with the proliferation of online services that allow us to better gauge and understand our respective markets. If I think of it from an engineering perspective, one case might be the type… […]
Large CCTV Botnet Leveraged in DDoS Attacks
Our security operations team investigate and mitigate multiple denial of service (DDoS) attacks every single day. One recent case caught our attention because of the intensity and duration of the attack, and – as we discovered through some research – how it was being done. In this article, we’ll share the specifics in an effort to track… […]
PCI for SMB: Requirement 1- Install and Maintain a Firewall
If you have an ecommerce website, allowing you to accept credit cards on your site, PCI compliance should not be a new concept or term. PCI DSS (Payment Card Industry – Data Security Standard) is a standard that was established in a collaborative process between the major credit issuers – Visa, MasterCard, Discover, American Express and… […]
Analyzing ImageTragick Exploits in the Wild
Three days ago the ImageMagic (ImageTragick) vulnerability was released to the world. We’ve been actively monitoring as promised, and have started to see a few different attacks targeting the vulnerability. Interestingly enough, the attacks themselves seem to be targeted against specific customers and not mass blanket attacks, which is what you’d expect when these typeRead […]
ImageMagick Remote Command Execution Vulnerability
ImageMagick is a popular software used to convert, edit and manipulate images. It has libraries for all common programming languages, including PHP, Python, Ruby and many others. It is also very simple to use, which lead it to be used by many developers when in need of image cropping or manipulation. However, the latest versionsRead […]