Server is slowban friendly. Possible?

How can you implement a slowban that will not become a DoS tool on our website?

The problem is that deliberately delaying the HTTP response ties up server resources (web server threads and possibly other subsystems).

+6
4 answers

If your web application is complex and requires significant resources, it is perhaps the wrong place to implement slowban, because of the slowloris-attack problem.

Instead, you can introduce the slowban by proxying the application through a lightweight proxy or web server, such as lighttpd or nginx, which serves cached and static content, and by using your firewall. From there, you can throttle the bandwidth in your firewall, keeping the required resources relatively low, since the troll's connection is mainly served by the lightweight proxy server instead of your heavy application server.

Although this has some concerns of its own to consider (namely, allowing a possibly insecure application to insert IP-based rules into your firewall), iptables and the kernel are relatively lightweight.

The only thing you need to consider is the number of open connections that your system can tolerate, and when to start killing the longest open connections to make room for new ones. Definitely prepare your website to deal with low-bandwidth packages.

+4

You can enable slowban with resource monitoring so that if it becomes apparent that a slow user is attempting a DoS, they will be replaced instead.

+2
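An added example, not part of any answer above: a sketch of the bookkeeping the first two answers describe, for an event-loop server (Node.js is assumed here) where a held response costs a timer and a socket rather than a thread. The class name `SlowbanGate` and the parameters `delayMs`, `maxHeld` and `maxPerIp` are hypothetical; the caps bound how many sockets slowbanned clients can pin, and the longest-open held connection is dropped when the global cap is reached.

```javascript
// Added example: bookkeeping for slowbanned responses (hypothetical names).
// A held response is one timer plus one open socket, never a worker thread.
class SlowbanGate {
  constructor({ delayMs = 8000, maxHeld = 200, maxPerIp = 2 } = {}) {
    Object.assign(this, { delayMs, maxHeld, maxPerIp });
    // id -> { ip, timer, drop }; a Map iterates in insertion order, oldest first.
    this.held = new Map();
    this.nextId = 0;
  }

  countFor(ip) {
    let n = 0;
    for (const h of this.held.values()) if (h.ip === ip) n++;
    return n;
  }

  // send(): deliver the real response once the delay has elapsed.
  // drop(): close the socket at once (used on refusal or eviction).
  // Returns "held", "refused" (per-IP cap hit) or "held-after-evict".
  hold(ip, send, drop) {
    if (this.countFor(ip) >= this.maxPerIp) { drop(); return "refused"; }
    let outcome = "held";
    if (this.held.size >= this.maxHeld) {
      // Global cap reached: kill the longest-open held connection.
      const [oldestId, oldest] = this.held.entries().next().value;
      clearTimeout(oldest.timer);
      this.held.delete(oldestId);
      oldest.drop();
      outcome = "held-after-evict";
    }
    const id = this.nextId++;
    const timer = setTimeout(() => { this.held.delete(id); send(); }, this.delayMs);
    timer.unref(); // pending slowban timers must not keep the process alive
    this.held.set(id, { ip, timer, drop });
    return outcome;
  }

  // Release everything, e.g. when resource monitoring reports pressure.
  dropAll() {
    for (const h of this.held.values()) { clearTimeout(h.timer); h.drop(); }
    this.held.clear();
  }
}
```

In a request handler, `send` would write the normal response and `drop` would destroy the socket; `dropAll()` is the hook for the monitoring case.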

How smart are your trolls? You can introduce a delay in JavaScript for any elements sent to the server.

-2

You can implement the slowban client side instead of the server side, for example:

CSS:

body { visibility: hidden; } 

JavaScript:

$(document).ready(function () {
    window.setTimeout(function () {
        $("body").css("visibility", "visible");
    }, 5000 /* how long you want the delay to be, in ms (example value) */);
});

-2

Source: https://habr.com/ru/post/890141/

