This article is a very first answer to a question I recently received. The question was: You’re talking about web application firewalls. I’d like to know how to use the WAF for reverse proxying. … I also might use a firewall as it also contains functions like SQL injection prevention. So what’s in a web application firewall? A web application firewall, also known as WAF...
I recently was hired to create a web application firewall (WAF) using Citrix NetScaler to protect a SAP Hybris based e-shop. This shop has content for several languages, so we had to select the right home page. The base URL of the website was like that: . SSL was optional. I wanted to set the default language based on browser settings. I based it on HTTP- Header Accept-Language. There are...
Citrix had been cloud computing ever since. In fact, Citrix started doing professional Cloud Computing in 1995. They improved their private cloud approach in 2002 by launching Secure Gateway (and all it’s successors). They already did cloud computing when no one even knew about cloud computing. Maybe Citrix is the cloudiest company on the globe. Citrix dramatically improved their product over...
This is multi langage: a mix of German and English. Look for the flag you prefer .. Kürzlich haben mich Kollegen gefragt, welche Bücher es im Citrix Umfeld gibt. Ich persönlich gehe lieber in einen Kurs, als dass ich Bücher lese, aber Kurse sind teurer, und nicht jeder lernt auf diese Art gleich gut. Ich besitze naturgemäß einige XenApp und XenDesktop- Bücher, nicht alle sind gleich gut. Ich habe...
I’m just setting up a Web Application Firewall on a Citrix NetScaler 11.1 for a costumer’s shop. My costumer mandated: most of the website has to be available via HTTP. However we don’t want to expose sensitive information to the internet, so we had to create a policy redirecting users to SSL whenever needed. So how can we do this? First of all, I had to find out: which...
last update: February 10 2023 One of the most annoying issues in Citrix NetScaler is ICA / HDX connection issues. The reason for this is the way connection issues are reported. There are two potential sources of trouble: Citrix StoreFront and Citrix NetScaler Gateway. So I will divide my blog into three sections: How to find the source of trouble, Troubleshooting Citrix StoreFront and...
I was so enthusiastic, when I found out about NetScaler admin partitions! What a great extension to existing NetScalers! However I got disillusioned finding out about limitations. It took me some time to find out how to overcome this issues, but there are still some features missing. The feature I missed most is doing traces. It’s not listed in the compatibility list, so it’s intended...
Why would you like to customize a 404 page? Well, it’s all about misleading information. A hacker has a very limited chance to get a friend with your web server. On the other way, he needs to find out as much as any possible. The more he knows, the more likely his attack will be successful. On the other hand, he has to let sleeping dogs lie. With other words: He must not alarm you. One of...
I recently was asked to teach Citrix SD-WAN. My first thought was: wtf? I asked Google, and Google, knowing everything, spoke to me in infinite wisdom: Citrix SD-WAN’s previous name is Branch Repeater. And Branch Repeater, I did already know this, once was the new name for WanScaler (a product I have been certified on, but never used in real life). Meanwhile the product got rebranded again and is...
last update: January 6 / 2021 It does work no more, at least since version 12.1. Or: The power of the ANY service type This is a workaround for a well-known problem in NetScaler: Binding NetScaler Gateways to content switching vServers. This solution does not follow Citrix best practices. Avoid using it, if you can! My solution will work with NetScaler 10 upward. I didn’t test with 9.x as...