DoS attack in the wild
luben at unixsol.org
Fri Jun 19 22:45:01 MSD 2009
A DoS attack against number of http servers is available and has hit
Out of the box nginx is also vulnerable (I have tested it on latest 0.7
installation). A quick fix for the vulnerability follows:
Put in "http" section:
limit_zone limit_per_ip $binary_remote_addr 1m;
and put in "server" section :
limit_conn limit_per 16;
The last 2 configuration lines are for limiting connections per client
IP. This fist lines are same sane connection timeouts.
Best regards and keep the great work!
More information about the nginx