Your Anti-Fraud Residential Proxy Detection Sucks
Your anti fraud IP Intelligence service is no longer fit for purpose. Learn about the challenges in detecting residential proxies and why traditional methods don't work.
How To Exclude Query String Parameters from Search Engine crawling using robots.txt
Double crawling of pages by search engines due to filtering options and query strings can be a massive drain on server resources. Learn how to control it using robots.txt.
The Iconic is the latest Account Takeover victim in the news
Popular Australian fashion website TheIconic recently suffered reputational damage from fraudsters placing orders after an account takeover. Learn how this happens and what you can do to stop it.
Protecting the browser, an HTTP security header overview
Client side attacks on your website can have devastating impact on business credibility. Learn how to protect your clients with these HTTP Headers.
APRA Recommendations for website security
While Essential 8 mainly deals with workplace cybersecurity, APRA has published the Information Security Manual with numerous references to internet services. Read on to find out more.
HTTP/2 Rapid Reset Attack Deepdive
The technicalities of the HTTP/2 Rapid Reset vulnerability and steps to fortify against DDoS threats.
Understanding the HTTP/2 Rapid Reset Attack: What It Means and How to Stay Protected
A comprehensive breakdown of the HTTP/2 Rapid Reset flaw and guidance on bolstering defences against potential DDoS attacks.
The Emerging Trends: Single Page Applications, Headless Commerce, and Security Threats
An exploration of the evolution in headless commerce and the corresponding security challenges.
Handling the Microsoft 365 outage - a lesson for future DDoS attacks.
Peakhour's take on the recent Microsoft 365 outages instigated by threat actor Storm-1359.
When Bots Break Bad
Even 'good' bots can end up abusing your site and impacting performance, learn why and how to stop it.
Layer 7 DoS attacks and Full Page Caching
Discover how Full Page Caching can help mitigate layer 7 DoS attacks.
Chrome's TLS Extension Randomisation Experiment: Assessing its Impact on TLS Fingerprinting
Does TLS extension randomisation assist in hiding Chrome?
TLS Fingerprinting: A Primer
What is fingerprinting, and in particular TLS fingerprinting?
IP Threat Intelligence
Discover and block threats through data enrichment using managed IP reputation lists
CVE-2022-26134 Atlassian Confluence vulnerability.
Peakhour clients are protected against CVF-2022-26134 Atlassian Confluence RCE
Rate limiting
Rate limiting is a powerful way to control client behaviour and protect your origin. Flexible definition of limits and criteria allow precise targeting of client behaviours to limit.
Rate limiting - How it works
How can rate limiting protect your web application and the key items to consider when enabling.
Bad Bot Countermeasures
Bad bots can have significant impact to your website while being hard to detect and stop. Here we detail accepted best practise on how to combat the growing threat from bad bots.
The Threat From Bad Bots
Bad bots can cause significant financial damage to organizations in a variety of ways, ranging from overwhelming websites with internet traffic disrupting online operations, and stealing information including web content and ecommerce pricing data.