3 Ways to Prevent Bot Attacks on Your Web Applications

It’s becoming more common to hear about IoT security — or the lack thereof — in the news, and computers and IoT devices are frequently targeted by hackers for use as “bots” to perform distributed denial of service (DDoS) attacks, application exploits and credential stuffing. Non-human traffic, or bot traffic, currently represents more than 60% of the total traffic going to websites.

Those bots come in a variety of forms, making it extremely important to distinguish between the infected hosts that often make up botnets and perform various malicious activities, and the legitimate bots that are extremely important in driving customer traffic to your site (Googlebot, for example).

Different Types of Bot Attacks on Web Services

Websites that contain pricing information and proprietary information are especially vulnerable to bot traffic.

An example of a content scraping process can be seen when airline companies use bot farming to scrape price information from competitive airline company sites. They use this information to dynamically price similar products — once they find out what a competitor is charging, they can price their services lower to gain a market advantage.

A more malicious use includes deploying a botnet that seeks out vulnerabilities in website technology and records each affected site as vulnerable and ripe for exploitation.

Dark Launching: A Way to Test New Features Before Going Live

When planning a deployment of a new application or feature, it’s a good idea to test it first to gauge its potential and, more importantly, ensure it works in production.

To do this, you can predeploy it in production and either have your team test it, or have a select group of users try it for a while. This can help you find out whether the feature is worth the development time or whether you want to change your strategy.

This process is called “dark launching,” and it helps your team members test changes and see whether the code they developed is working in production. These test users may provide feedback on the changes you make, and you can monitor how the application is behaving when utilized by end users.


Create More Efficiency for DevOps by Automating Security Patches

At LeaseWeb we are always looking for ways to automate tasks and processes to make the work of our engineers easier and allow them to spend more time on innovation rather than repetitive tasks. One of those tasks is the installation of (monthly) recurring security updates (Windows, Linux, etc.).

Not every company has the latest security patches installed, as evidenced over the last few months by the ransomware attacks (WannaCry, for example). Fortunately, within LeaseWeb we were up to date and not impacted by the ransomware attacks, but it does highlight the importance of these security updates.

The events also raise the question of whether some companies did not have all their updates in order because the tedious task of deploying such patches may not be on every engineer’s “favorite things to do” list.

Within our product engineering department, we also struggle with the task of deploying these patches each month due to the amount of work that goes into deploying these updates on all our systems. For this reason, one of our teams decided to automate this job as much as possible.

At first we considered using Chef, which was already heavily used in our company; however, we found that it was not the best option, particularly for Windows updates.

After conducting more research, we selected Ansible. For those unfamiliar with Ansible, it is a simple yet powerful open source automation platform. This product can help with configuration management, application deployment and task automation. Unlike Puppet or Chef, it doesn’t use an agent on the remote host. The main reason we chose Ansible is that it already has a nice way to deploy patches on Linux boxes via SSH, but also has a module for Windows updates.

We then set out to configure Ansible for Windows and Linux updates. Linux was easy. It only required SSH connections from a specific system, which in our case was an Ansible management server, and then running a playbook. But for Windows it was a bit more challenging. For this system Ansible uses the Windows Remote Management service, or WinRM. To set this up you need to enable WinRM, open some firewall ports, and start the services.

Fortunately, Ansible provides a nice PowerShell script to do all these tasks for you. We did discover a downside when trying to remotely run this PowerShell script. It failed because it needed to run with elevated security permissions, and Windows 2016 prompts the user to confirm these elevated-rights executions.

Unfortunately, not all our Windows servers have Chef running, so we had to come up with a different way of enabling WinRM and opening firewall ports. In the end we decided to spread the workload of running this script amongst some team members because, as the saying goes, “many hands make light work.”

The end result is that we now have both Windows and Linux servers ready to receive patches from Ansible, saving our team time which can be used for other tasks instead of deploying these patches every four weeks.

We still have some work left to do, such as completely removing the remaining manual actions. At the moment, someone still needs to log in to an Ansible jump host (which we use to connect to different networks) and run the playbook. We also have to manually put systems in downtime in our monitoring platform.

One other important thing we still need to implement is a result check in order to know if a deployment was successful or not.

But now that we have more time on our hands, I am confident it will get done.


4 Ways to Make Sure Your Webshop Stays Open

While global e-commerce sales are predicted to approach $2.5 trillion this year and continue to grow to nearly $4 trillion by 2020, according to a recent eMarketer report, the market remains highly competitive.

Nearly 80 percent of new e-commerce sites ultimately fail, and companies need to have a strong understanding of their market, trends, merchandise, platform, and e-commerce hosting if they want to be among the minority of sites that succeeds.

Most importantly, though, new sellers must understand their customers. More than any other factor, knowing your customer is what will allow you to deliver a first-class online experience.


U.S. Data Center Upgrades for Even Better Performance

Last month, I wrote about five things you can do to ensure shorter load times for your sites. Today I want to look at a sixth: positioning your services as close as possible to your end users.

LeaseWeb entered the U.S. market in 2011, in part because our clients across Europe and Asia needed North America-based hosting. Over time, we’ve grown our presence, both organically and through acquisition. We now operate 10 data centers across the continent with local U.S.-based support.

Positioning services closer to end users enhances customer experience by decreasing content delivery times. Geographic spread also provides the safest disaster recovery and remote backup solutions for maximum uptime.


The Power of HTTP/2 for CDN

HTTP is a protocol that all web developers must familiarize themselves with. It was introduced in 1989 by Sir Timothy John Berners-Lee, who developed it using a single NeXTcube workstation, and it continues to prove reliable for networks with port connection speeds surpassing 10 megabits.

Then, in 2015, the Internet Engineering Task Force released HTTP/2, which quickly rose in popularity as the second most useful internet protocol available. Now, LeaseWeb CDN is using HTTP/2 to deliver the content even faster globally.

What Are Some of the Benefits of HTTP/2?

In short, HTTP/2 is faster and more secure, which is why its adoption happened so quickly. Due to the advanced development of HTTP/2 protocols, concatenation and domain sharding are no longer necessary. And unlike traditional HTTP, HTTP/2 is binary instead of textual. As a result, it’s much easier to send bits/bytes and strings representing numbers due to their more compact structure.

From Hyperscale to Open Options: Preparing for Hybrid Cloud with Microsoft Azure Stack

Following the recent announcement of our Azure Stack Beta program, we spoke with LeaseWeb’s Technical Evangelist Robert van der Meulen about how Azure Stack will usher in a new era in hybrid cloud computing. Today’s cloud adopters will see many benefits by developing a hybrid cloud strategy that combines the features of both open cloud providers like LeaseWeb and hyperscalers like Microsoft’s Azure.

Why is LeaseWeb offering Azure Stack Beta (ASDK) and what is the demand from customers like?

It helps IT teams to experience in practice what kind of services Azure Stack brings, and how they fit in their existing and planned landscapes. Particularly it shows how public cloud-like services can be available in the trusted environment of a private cloud, or hosted data center. Azure Stack addresses the market for private cloud services with public cloud capabilities. The ASDK opens that environment up without the large up-front investment, and gives IT teams the capability to validate that their solution will work in a private Azure Stack setup.


What It Takes to Stay Relevant in a Gamer’s World

Nobody ever accused game developers of having an easy job. But over the past decade, more powerful and expensive hardware, as well as social games hosted on smartphones, have upped the ante. The gaming world is larger and more competitive than ever, and the market is evolving constantly.

Nowadays, even really good developers will make games that get passed over or lost in a sea of other options. It’s a global arena, and if you’re not making world-class products, you’re not going to last.

Undeniably, making great games that reach a large audience requires some element of luck. But more than luck, it requires commitment. You have to be dedicated to overcoming the challenges you’ll inevitably encounter, whether you’re an indie or AAA developer.

Today’s most successful developers aren’t the ones who spend the most on production, obtain the most funding, or utilize the best engine — they’re the ones who are relentlessly focused on giving gamers the best experience possible and that requires the right gaming infrastructure.


Embrace Your Natural Talent for True Career Success

Most people have tried at some point to be someone they’re not. Sometimes it’s because we like the change, and sometimes it’s because we feel like we have to change in order to fit in.

When I was a little boy, I loved playing football. While I was a decent central defender and right wing-back, because I was fairly strong and had a good pace and a fierce shot, I ended up as a striker once in a while, too.

My technique and instincts let me down when trying to be a good striker, though. I’m more a problem solver than somebody who loves to score. I love to steer a team from the back, and come time to make a decision, I thrive under pressure. And I have a tendency to lead and help other people out, which are all good assets for a defender.

A striker, however, needs other qualities. The best strikers are patient, focused on individual success, and maybe even a little egotistical at times.


Protecting Your Business From Increasingly Sophisticated Cyberattacks

Whether you’re leading a Fortune 500 company or your own small business, cybersecurity must be a fundamental business objective. Several high-profile cyberattacks in the first half of 2017 have affected organizations of all sizes all over the world, and these attacks are only going to become more common and more sophisticated.

As a business leader, it’s important to understand that the threat is constant. Even if you’ve never experienced an attack, your servers are perpetually being scanned by hackers for vulnerabilities — and the damage can be fatal to your business. A cyberattack can result in the loss of critical information, putting the reputation of your brand at stake.

If you suffer a cyberattack and are able to react quickly, it’s certainly possible to mitigate the damage to your business and your customers, though containing an attack can get tremendously expensive. If you have a plan in place, however, you can save yourself a lot of time and money — and protect the future of your business.
