WHAT IS
HOW IT WORKS
SOLUTIONS
//
Caching and Always Online
Mithril stands in front of your websites and it can improve performances and response time by a lot of modules. One of them is the “Caching & Always Online” module. Thanks to it, Mithril can serve static content instead of your web server (such as images, styles, javascript, fonts, videos, etc..).
//
DDoS Mitigation and protection
Distributed Denial of Service or Denial of Service (DoS) attacks are becoming easy to perform thanks to “DoS for hire” services also known as “Booter/Stresser” services. Many criminal organizations sell their DoS service for a few dollars a month and anyone can buy these services to attack any websites on the internet.
//
Bot Management
Using Mithril you’ll be able to identify humans, good bot, and bad bot connecting to your website or web application. Our Bad Bot Detection module is able to filter out unwanted Automated Threats without affecting the user’s experience with a CAPTCHA or invasive landing page.
//
Virtual Patching
Many customers choose our Mithril service to apply virtual patches on their web application. Our Vulnerability Assessment and Penetration Test Team is at your disposal to test your web application looking for misconfiguration and vulnerabilities. Once done, Mithril can patch each vulnerability found without touching your website or web application code.
FEATURES
//
Proxy Caching and Service Worker
Mithril distributes cache among all its nodes, and gives users control about what or what not to put in their cache. Thanks to its Cache API, any user can completely purge all cache or just delete a single content.
//
Application Layer 7 DoS Mitigation
DDoS-for-hire services, also known as booters or stressers, offer malicious actors an easy way to anonymously attack any Internet-connected target. Using such services, anyone can send millions of HTTP requests against any target website, in order to exhaust the web server’s resources, making it unresponsive or unreachable.
//
JavaScript Challenge and four Bad Bot generations
Bad Bots have evolved during the last decade in four different generations. Let’s learn more about them, in order to understand how Bad Bot Protection works.
//
Learning Phase and Response Filtering
One of the hardest things to do during the learning phase is to identify all query string and body parameters having a well-known format. This refers to: “numeric only”, alphabetical, alphanumeric, etc.. among all content types requested such as form urlencoded, JSON, XML, multipart, and many others.
CASE STUDY
CONTACT
UNDER ATTACK ?
Filter by
Categories
Tags
Authors
Show all
All
Article Solution
Industry
Vulnerabilities
All
CVE-2021-42717
DoS
JSON
ModSecurity
All
emanuele marca
francesco
Support
janin
paola
Andrea Ubertallo
5 December 2021
Published by
Andrea Ubertallo
on
5 December 2021
Categories
Article Solution
Vulnerabilities
How we discovered and patched ModSecurity DoS CVE-2021-42717
This article describes how we found a Denial of Service vulnerability on the ModSecurity JSON body processor (CVE-2021-42717) and how Mithril’s Developers Team patched it waiting
[…]
English
No translations available for this page
