Restore Original Visitors IP

Restore Original Visitors IP When using the NOC platform the visitors public IP will be masked by our own. This is a result of how reverse proxies work. In it’s most basic form, we intercept all incoming requests and only forward the good ones to your origin. This means your origin server will see all…

Read More

NOC IPs

NOC IPs By design the NOC platform will sit between the outside world and your origin server. This means all requests will go through the NOC platform first before being routed to your origin server.   To ensure bad actors are not able to bypass the CDN/WAF all direct communication should be limited to the…

Read More

WooCommerce Patches Two SQLi Vulnerabilities

Yesterday, WooCommerce released an urgent announcement encouraging users to update because of a serious vulnerability.   They don’t get into the details, but for us it’s imperative to understand what they are patching so that we can virtually patch at the edge via the NOC Web Application Firewall (WAF). Especially when it comes to a…

Read More

Evolving the CDN / WAF Stack

A decade ago we built our first CDN/WAF solution. It was built from a need to keep websites from getting reinfected.   At the time, our company was focused on identifying and remediating hacked websites. What we learned in the process is that it really doesn’t matter what you tell a website owner, they will…

Read More

Securing WordPress in The Enterprise

Approaching a web applications security is as much about mindset as it is about the tools and configurations you deploy. It’s why security professional always talk about people > process > technology. Unfortunately, in almost every incident response instance the former components, of people and process, are often nonexistent.   I blame a lot of…

Read More

Using DIG to Query DNS Data

Using DIG to Query DNS Data Domain Information Groper (DIG) is a command line tool that is widely used when troubleshooting DNS issues. If you’re an administrator working with any part of DNS it’s a critical piece of your toolbox. Example 1: Find the A Record for a domain Let’s assume we want to know…

Read More

Using NSLOOKUP to Query DNS Data

Using NSLookup to Query DNS Data If you’re working with the Domain Name System (DNS) you don’t have a choice, you have to become familiar with NSLOOKUP. NSLOOKUP is a command-line tool that can be run in your command prompt (Windows) or terminal (MacOS / Linux). It’s an amazing tool for troubleshooting DNS issues. It…

Read More

Troubleshooting Random Connection Errors with a WAF/CDN

Troubleshooting Random Connection Errors with a WAF/CDN There are instances where a connection might fail. It could be the NOC network, it could be your server. This is a quick way to troubleshoot the issue and identify where the problem is originating from. Example Issue: While posting an article in WordPress a random error was…

Read More