DDoS protection module suggestion
malte
nginx-forum at nginx.us
Fri Nov 5 19:11:07 MSK 2010
unclepieman Wrote:
-------------------------------------------------------
> Hey,
>
> Instead of a 503, i would redirect them
> localhost:81 and allow them to
> validly themselves via captcha system in case its
> a false positive.
> Like above, if a host logs the same src_ip more
> than $x times in $xy
> min, u should be moving the acl up the chain, your
> sub-distribution,
> distribution cor or even edge routers.
It would be nice to have it configurable either way, but when you are
hit with a 50k bot attack and you have IPs requesting 50 pages per
second, you want to put them down immediately, not spend server time
serving them a dynamic captcha page.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,147105,148021#msg-148021
More information about the nginx
mailing list