DDoS protection module suggestion

Weibin Yao nbubingo at gmail.com
Fri Nov 5 12:33:11 MSK 2010


malte at 2010-11-5 13:58 wrote:
> Weibin Yao Wrote:
>   
>> We are facing a DDoS situation similar to yours. I'm developing a module
>> which can deny individual IPs. The module can get the IPs with a POST
>> request from a commander server in the intranet. If you have some
>> suggestions, you can contact me.
>>
>> The module will be here:
>> https://github.com/yaoweibin/nginx_limit_access_module, but I need some
>> more days to finish it.
>>
>
>
> Wonderful!
> Being able to interrogate the server for a list of bad IPs is an
> excellent idea, it would allow people to make their own firewall-block
> scripts etc.
>
> The main suggestion I have is that the module supports this kind of
> rule:
> If an IP has requested more than X pages in the last Y seconds, then
> serve only 503 errors to that IP for the next Z seconds,
Is it a similar feature to the limit_request module? Except that the 
limit_request module still services the requests under the burst value.
>  and use at most
> W megabytes of RAM for the bad-IP pool.
>   
Yes, I will use fixed allocated shared memory to store the big bad-IP 
hash table.
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,147105,147863#msg-147863


-- 
Weibin Yao
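
The rule discussed in this thread (more than X requests in Y seconds earns 503 responses for Z seconds, with the bad-IP table held in a fixed amount of memory), as an added example; it is not code from the module under discussion or from either poster. The constants, the fixed-window counting, the probe limit, the static array standing in for shared memory and the fail-open choice are all assumptions.

```c
#include <stdint.h>
#include <string.h>

/* Assumed tuning values; X, Y, Z and the pool bound W come from the thread. */
#define MAX_REQ    5      /* X: requests allowed per window */
#define WINDOW_S   10     /* Y: window length, seconds */
#define BAN_S      60     /* Z: ban length, seconds */
#define POOL_SLOTS 4096   /* W: fixed capacity, 4096 * 24 bytes = 96 KiB */
#define PROBE      8      /* slots examined per lookup */

typedef struct {
    uint32_t ip;            /* IPv4, host order; 0 marks an empty slot */
    uint32_t count;         /* requests seen in the current window */
    int64_t  window_start;
    int64_t  banned_until;
} slot_t;

static slot_t pool[POOL_SLOTS];   /* stands in for the shared memory zone */

/* Find the slot for ip, or recycle an empty/idle one; never allocates. */
static slot_t *lookup(uint32_t ip, int64_t now) {
    uint32_t h = (ip * 2654435761u) % POOL_SLOTS;
    slot_t *spare = NULL;
    for (int i = 0; i < PROBE; i++) {
        slot_t *s = &pool[(h + i) % POOL_SLOTS];
        if (s->ip == ip) return s;
        int idle = s->ip == 0 ||
            (now >= s->banned_until && now - s->window_start >= WINDOW_S);
        if (idle && !spare) spare = s;
    }
    if (spare) { memset(spare, 0, sizeof *spare); spare->ip = ip; spare->window_start = now; }
    return spare;           /* NULL when every probed slot is still live */
}

/* Returns the status to serve for this request: 200 (pass) or 503. */
int check_request(uint32_t ip, int64_t now) {
    slot_t *s = lookup(ip, now);
    if (!s) return 200;     /* pool exhausted: fail open rather than grow */
    if (now < s->banned_until) return 503;
    if (now - s->window_start >= WINDOW_S) { s->window_start = now; s->count = 0; }
    if (++s->count > MAX_REQ) {          /* over X within Y: ban for Z */
        s->banned_until = now + BAN_S;
        s->count = 0;
        return 503;
    }
    return 200;
}
```

Because expired and idle entries are recycled in place, memory use stays constant under load; the cost is that when every probed slot holds a live entry, a new address goes untracked until one of them ages out.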



