DDoS protection module suggestion

malte nginx-forum at nginx.us
Fri Nov 5 08:58:31 MSK 2010


Weibin Yao Wrote:
> We are facing the similar DDOS situation to you. I'm developing a module
> which can deny the individual IPs. The module can get the IPs with a
> POST request from a commander server in the intranet. If you have some
> suggestions, you can contact to me.
>
> The module will be here:
> https://github.com/yaoweibin/nginx_limit_access_module, but I need some
> more days to finish it.


Wonderful!
Being able to interrogate the server for a list of bad IPs is an
excellent idea, it would allow people to make their own firewall-block
scripts etc.

The main suggestion I have is that the module supports this kind of
rule:
If an IP has requested more than X pages in the last Y seconds, then
serve only 503 errors to that IP for the next Z seconds, and use at most
W megabytes of RAM for the bad-IP pool.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,147105,147863#msg-147863
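
The rule proposed in the message above, as an added example (not part of the original post and not code from the module it discusses): a stand-alone C model of "more than X requests in Y seconds, then 503 for Z seconds, within a fixed memory budget W". All names and constant values are hypothetical, W is expressed as a fixed slot count, and a fixed counting window stands in for "the last Y seconds".

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical constants named after the post's X, Y, Z, W (values constructed). */
#define X_MAX_REQS 5    /* more than X requests ...              */
#define Y_WINDOW_S 10   /* ... within Y seconds ...              */
#define Z_BAN_S    60   /* ... means 503 for the next Z seconds  */
#define SLOT_BITS  10   /* W: pool is fixed at 2^SLOT_BITS slots */

typedef struct {
    uint32_t ip;            /* IPv4 address as a 32-bit integer  */
    uint32_t count;         /* requests seen in current window   */
    int64_t  window_start;  /* start of the counting window      */
    int64_t  banned_until;  /* 0 means not banned                */
    int      used;
} slot_t;

static slot_t pool[1u << SLOT_BITS];   /* never grows, whatever the traffic */

uint32_t slot_index(uint32_t ip) {     /* multiplicative hash, top bits */
    return (ip * 2654435761u) >> (32 - SLOT_BITS);
}

static slot_t *lookup(uint32_t ip, int64_t now) {
    slot_t *s = &pool[slot_index(ip)];
    if (s->used && s->ip == ip) return s;
    /* Collision: an active ban keeps its slot, anything else is evicted. */
    if (s->used && s->banned_until > now) return NULL;
    memset(s, 0, sizeof(*s));
    s->used = 1; s->ip = ip; s->window_start = now;
    return s;
}

/* Returns the status to serve for this request: 200 or 503. */
int check_request(uint32_t ip, int64_t now) {
    slot_t *s = lookup(ip, now);
    if (s == NULL) return 200;               /* cannot track: fail open */
    if (s->banned_until > now) return 503;
    if (now - s->window_start >= Y_WINDOW_S) {   /* start a new window */
        s->window_start = now;
        s->count = 0;
    }
    if (++s->count > X_MAX_REQS) {           /* over the limit: ban for Z */
        s->banned_until = now + Z_BAN_S;
        s->count = 0;
        return 503;
    }
    return 200;
}
```

Because the pool is direct-mapped, a new address that hashes onto a slot holding an active ban is passed through untracked rather than displacing the ban; that is the trade-off this sketch makes to stay within its fixed memory.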



