<html><head><style>body{font-family:Helvetica,Arial;font-size:13px}</style></head><body style="word-wrap:break-word"><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">Hi!</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto"><br></div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">I don’t think just drop the connection is a good idea, client will never know what happens on the server end.</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">However, the code 444 may help you, nginx just close the connection in this case.</div> <div id="bloop_sign_1501638107398163200" class="bloop_sign"></div> <br><p class="airmail_on">On 2 August 2017 at 09:30:01, Phani Sreenivasa Prasad (<a href="mailto:nginx-forum@forum.nginx.org">nginx-forum@forum.nginx.org</a>) wrote:</p> <blockquote type="cite" class="clean_bq"><span><div><div></div><div>Hi All,
<br>
<br>I am using nginx in our products. When I run goldeneye DoS attack script
<br>against nginx, it is not able to defend against the attack and normal users
<br>getting impacted.
<br>
<br>python goldeneye.py http://<ipaddress> -w 5 -s 10000 -m random -d
<br>
<br>we are using below nginx limit_req options but didnt help. The nginx
<br>documentation says that, these options are used to limit the request rating
<br>limit per key. below is some sample configuration that we tried. The problem
<br>is, when we use these nginx options, it still keeps nginx busy responding
<br>with 503 or some other error code for all those requests beyond the rate
<br>limit . Hence any genuine user when trying to access webserver during the
<br>attack time, not getting chance to access our server and timing out or
<br>getting 500 error.
<br>
<br>http {
<br> limit_req_zone $binary_remote_addr zone=one:10m rate=5r/s;
<br>
<br> ...
<br>
<br> server {
<br>
<br> limit_req zone=one ;
<br> ...
<br>
<br> location /sampleurl/ {
<br>
<br> }
<br>
<br>(Note: also tried limit_conn options and behavior is same).
<br>
<br>
<br>
<br>Why should nginx respond back with any error code rather it should drop
<br>connections !! otherwise it can't protect itself against any DoS attack.
<br>please share the thoughts.
<br>
<br>Posted at Nginx Forum: <a href="https://forum.nginx.org/read.php?2,275796,275796#msg-275796">https://forum.nginx.org/read.php?2,275796,275796#msg-275796</a>
<br>
<br>_______________________________________________
<br>nginx mailing list
<br><a href="mailto:nginx@nginx.org">nginx@nginx.org</a>
<br><a href="http://mailman.nginx.org/mailman/listinfo/nginx">http://mailman.nginx.org/mailman/listinfo/nginx</a>
<br></div></div></span></blockquote></body></html>