Web Application Firewall

Architect's Tech Stack

Feb 15, 2020 · Information Security

Apache Dubbo Deserialization Vulnerability (CVE-2019-17564): Principle, Affected Versions, and Protection Measures

The article explains the deserialization vulnerability (CVE-2019-17564) in Apache Dubbo when using HTTP, lists the impacted 2.5.x, 2.6.x, and 2.7.x versions, and provides mitigation steps including upgrading to 2.7.5 and applying Huawei Cloud WAF rules.

Apache DubboCVE-2019-17564Java RPC

0 likes · 3 min read

Apache Dubbo Deserialization Vulnerability (CVE-2019-17564): Principle, Affected Versions, and Protection Measures

Ctrip Technology

Oct 14, 2016 · Information Security

Design and Implementation of a Cloud-Based Web Application Firewall at Ctrip

This article describes Ctrip's challenges with traditional hardware and cloud WAFs, presents a low‑cost, DNS‑based cloud WAF solution, and details its closed‑loop design, rule management, big‑data analytics, and machine‑learning techniques for accurate web security protection.

Cloud SecurityDevOpsWeb Application Firewall

0 likes · 7 min read

Design and Implementation of a Cloud-Based Web Application Firewall at Ctrip