⬆️ ⬇️

Nginx module to combat DDoS

Many have encountered such a phenomenon as DDoS attack method HTTP flood. No, this is not another tutorial on setting up nginx, I want to present my module, which works as a quick filter between bots and backends during the L7 DDoS attack and allows us to filter out garbage requests.



Module can





Can not





How it works



Most often, the bots that implement HTTP flood are pretty dumb and do not have HTTP Cookie and redirect mechanisms. Sometimes more advanced ones come across - such ones can use cookies and process redirects, but almost never the DoS bot carries with it the full-fledged JavaScript engine.

To understand the principle of the filter, the flow of client-server communication is shown below, depending on the attack scenario.



  1. Bots do not understand redirects and cookies



  2. Bots understand redirects and cookies, but do not know JavaScript





')

Configuration examples for main attack scenarios







Source texts

A module with installation instructions and documentation is available on github under the BSD license.

Patches, add-ons, tests and bug reports are welcome.

Source: https://habr.com/ru/post/139931/



All Articles