Yesterday I published a blog about DDOS- protection. I used the Citrix NetScaler AppQoE feature to do so. That’s nice, but not enough. I still could beat my server to a pulp easily. Just 10 clients launching a DDOS attack using HULK had been enough. I can’t throttle down the number of users to just 10! WTF? Basically AppQoE will just limit the number of users (actually it’s the...
last update: February 21st 2018 How to protect a website using Citrix NetScaler? Well it seems to be easy. A nonsense question. We may use AppQoE (Application level Quality of Experience), a feature introduced with NetScaler version 10, so it’s quite an old feature. Let’s start. AppQoE is enterprise edition My first starting point was E-Docs. Let’s be honest: the guy in charge...
This article is a very first answer to a question I recently received. The question was: You’re talking about web application firewalls. I’d like to know how to use the WAF for reverse proxying. … I also might use a firewall as it also contains functions like SQL injection prevention. So what’s in a web application firewall? A web application firewall, also known as WAF...
I recently was hired to create a web application firewall (WAF) using Citrix NetScaler to protect a SAP Hybris based e-shop. This shop has content for several languages, so we had to select the right home page. The base URL of the website was like that: . SSL was optional. I wanted to set the default language based on browser settings. I based it on HTTP- Header Accept-Language. There are...
Citrix had been cloud computing ever since. In fact, Citrix started doing professional Cloud Computing in 1995. They improved their private cloud approach in 2002 by launching Secure Gateway (and all it’s successors). They already did cloud computing when no one even knew about cloud computing. Maybe Citrix is the cloudiest company on the globe. Citrix dramatically improved their product over...
This is multi langage: a mix of German and English. Look for the flag you prefer .. Kürzlich haben mich Kollegen gefragt, welche Bücher es im Citrix Umfeld gibt. Ich persönlich gehe lieber in einen Kurs, als dass ich Bücher lese, aber Kurse sind teurer, und nicht jeder lernt auf diese Art gleich gut. Ich besitze naturgemäß einige XenApp und XenDesktop- Bücher, nicht alle sind gleich gut. Ich habe...
I’m just setting up a Web Application Firewall on a Citrix NetScaler 11.1 for a costumer’s shop. My costumer mandated: most of the website has to be available via HTTP. However we don’t want to expose sensitive information to the internet, so we had to create a policy redirecting users to SSL whenever needed. So how can we do this? First of all, I had to find out: which...
last update: February 10 2023 One of the most annoying issues in Citrix NetScaler is ICA / HDX connection issues. The reason for this is the way connection issues are reported. There are two potential sources of trouble: Citrix StoreFront and Citrix NetScaler Gateway. So I will divide my blog into three sections: How to find the source of trouble, Troubleshooting Citrix StoreFront and...
I was so enthusiastic, when I found out about NetScaler admin partitions! What a great extension to existing NetScalers! However I got disillusioned finding out about limitations. It took me some time to find out how to overcome this issues, but there are still some features missing. The feature I missed most is doing traces. It’s not listed in the compatibility list, so it’s intended...
Why would you like to customize a 404 page? Well, it’s all about misleading information. A hacker has a very limited chance to get a friend with your web server. On the other way, he needs to find out as much as any possible. The more he knows, the more likely his attack will be successful. On the other hand, he has to let sleeping dogs lie. With other words: He must not alarm you. One of...