DDoS protection module suggestion
Rainer Duffner
rainer at ultra-secure.de
Thu Nov 4 00:38:35 MSK 2010
Am 03.11.2010 um 03:19 schrieb malte:
> I've recently been hit pretty hard with a nasty DDoS attack on a
> site of
> mine.
What demographic does the site serve?
If it's country-specific, you can use http://wiki.nginx.org/HttpGeoIPModule
and block most of the bad guys.
In the case I had, the site was only of interest to a very limited
(but sharply distinguishable) amount of the world-population ;-)
Nginx handled millions and millions of requests in a couple of hours
just to display some 403 page.
I created an "exception" config to handle the handful of other IPs
that needed to have access.
If the site's audience is truly global, it's very difficult.
Apart from the fact that in a true DDoS scenario (in the mentioned
case, we're talking about 200something attacking hosts), you'd need
NGINX to be sitting next to your peering points upstream.
Rainer
More information about the nginx
mailing list