DDoS protection module suggestion

malte nginx-forum at nginx.us
Thu Nov 4 05:22:32 MSK 2010


> If the site's audience is truly global, it's very
> difficult.
> 
> Apart from the fact that in a true DDoS scenario
> (in the mentioned  
> case, we're talking about 200something attacking
> hosts), you'd need  
> NGINX to be sitting next to your peering points
> upstream.


This site has an emphasis on US, but still US traffic only makes up 40%
of the traffic, the rest is largely Canada, Western Europe and
Australia, but there is also a fair amount of India, Russia and Pakistan
in there, so I would say the GeoIP idea wouldn't serve us well.

We had about 50k attacking hosts attacking over the course of 24h.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,147105,147485#msg-147485




More information about the nginx mailing list