DDoS protection module suggestion
malte
nginx-forum at nginx.us
Fri Nov 5 08:58:31 MSK 2010
Weibin Yao Wrote:
> We are facing a similar DDOS situation to you. I'm developing a module
> which can deny the individual IPs. The module can get the IPs with a
> POST request from a commander server in the intranet. If you have some
> suggestions, you can contact me.
>
> The module will be here:
> https://github.com/yaoweibin/nginx_limit_access_module, but I need some
> more days to finish it.
Wonderful!
Being able to interrogate the server for a list of bad IPs is an
excellent idea; it would allow people to make their own firewall-block
scripts etc.
The main suggestion I have is that the module supports this kind of
rule:
If an IP has requested more than X pages in the last Y seconds, then
serve only 503 errors to that IP for the next Z seconds, and use at most
W megabytes of RAM for the bad-IP pool.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,147105,147863#msg-147863
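
The X/Y/Z/W rule proposed in the message above, sketched as an added example (not code from the post or from nginx_limit_access_module). It assumes IPv4 addresses, a fixed window rather than a true sliding one, and a fixed-size slot pool standing in for the W-megabyte cap; all names and constants are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <time.h>

/* Hypothetical parameters named after the X/Y/Z/W in the post. */
#define X_MAX_REQS 5     /* requests allowed per window */
#define Y_WINDOW   10    /* window length, seconds */
#define Z_BAN      60    /* ban length, seconds */
#define W_SLOTS    1024  /* fixed pool: RAM is W_SLOTS * sizeof(slot_t), never more */
#define PROBES     8     /* linear-probe depth before giving up */

typedef struct {
    uint32_t ip;           /* IPv4 address as an integer; 0 marks an empty slot */
    uint32_t count;        /* requests seen in the current window */
    time_t   win_start;    /* start of the current window */
    time_t   banned_until; /* 503 is served while now < banned_until */
} slot_t;

static slot_t pool[W_SLOTS];

/* Returns the status to serve: 503 if the IP is over the limit or banned. */
int check_request(uint32_t ip, time_t now)
{
    uint32_t h = (ip * 2654435761u) % W_SLOTS;
    slot_t *s = NULL, *victim = NULL;

    for (int i = 0; i < PROBES; i++) {
        slot_t *c = &pool[(h + i) % W_SLOTS];
        if (c->ip == ip) { s = c; break; }
        /* Only empty slots or idle, unbanned entries may be reused, so a
         * flood of new addresses cannot evict an active ban. */
        int idle = c->ip == 0 ||
                   (c->banned_until <= now && now - c->win_start >= Y_WINDOW);
        if (idle && victim == NULL) victim = c;
    }
    if (s == NULL) {
        if (victim == NULL) return 200; /* pool full: fail open, never grow */
        s = victim;
        s->ip = ip; s->count = 0; s->win_start = now; s->banned_until = 0;
    }
    if (s->banned_until > now) return 503;
    if (now - s->win_start >= Y_WINDOW) { s->win_start = now; s->count = 0; }
    if (++s->count > X_MAX_REQS) {
        s->banned_until = now + Z_BAN;
        return 503;
    }
    return 200;
}
```

When the pool is full and nothing is reusable, this sketch lets untracked addresses through rather than allocating more memory; that fail-open choice is part of the example, not something the post specifies.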