It's believed that SPDY is a huge DDoS vector by itself

JackB nginx-forum at nginx.us
Tue Jan 28 12:33:41 UTC 2014


The subject is a quote of Maxim Dounin in a discussion found here:
http://forum.nginx.org/read.php?29,246885,246902#msg-246902

It would be nice to have a detailed list of SPDY functionality that could be
used as a DDoS vector. And it would be even better, to have an nginx
configuration example to workaround each problem without simply disabling
features.

Last, should there be a default configuration in nginx/spdy which prevents
the abuse for DDoS attacks?

Any thoughts?

Thanks.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,246911,246911#msg-246911



More information about the nginx mailing list