Networks Guru

Tag: F5

Patching WordPress DoS Vulnerability CVE-2018-6389 using Modsecurity

The Vulnerability as explained in https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html relies in executing high number of requests, So by temporarily applying rate limiting, the impact of this vulnerability maybe mitigated using various methods one of them is by using Modsecurity until a fix is released.

Other References:

https://wpvulndb.com/vulnerabilities/9021
https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
https://github.com/quitten/doser.py
https://thehackernews.com/2018/02/wordpress-dos-exploit.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389

The Impact of License Expiry on F5 BIG-IP VE

When a license “Support Contract” expires on an F5 appliance whether if it’s a Physical or a Virtual appliance, there’s no effect/disruption to the production environment configured on the device itself.
When the support contract is expired the impact is described below,

– If you come across a software issue or bugs, then you will not be able to upgrade
– No support/assistance will be provided by the vendor related to the appliance.

It’s usually advised to contact the support in case of any doubts.

Powered by WordPress & Theme by Anders Norén