Highest Voted 'ddos' Questions

13

votes

3 answers

Prevent Malicious Requests - DOS Attacks

I'm developing an asp.net MVC web application and the client has request that we try our best to make it as resilient as possible to Denial of Service attacks. They are worried that the site may receive malicious high volume requests with the…

c# asp.net-mvc ddos

asked Feb 05 '13 at 11:13

Leigh Ciechanowski

1,297
17
33

11

votes

5 answers

How can I defend against DoS attacks using Amazon EC2 Load Balancer?

We usually blacklist IPs address with iptables. But in Amazon EC2, if a connection goes through the Elastic Load Balancer, the remote address will be replaced by the load balancer's address, rendering iptables useless. In the case for HTTP,…

amazon-ec2 load-balancing iptables ddos

asked Mar 07 '10 at 00:04

netvope

7,647
7
32
42

11

votes

6 answers

Which cloud based, scalable web service is best for DDOS prevention?

I have an idea for a website that I would like to develop and release. It is a web application that I would like to implement on some form of cloud-based web hosting service (i.e. the Google App Engine, Amazon Web Services, others that I may not be…

security google-app-engine amazon-web-services cloud ddos

asked May 15 '12 at 15:22

RLH

15,230
22
98
182

10

votes

2 answers

Dealing with CloudFlare's: cf_chl_jschl_tk & cf_chl_captcha_tk?

The problem: When my website is set to "I'm under attack" mode, once a user passes the CloudFlare screen they are redirected to my website with a large, and rather long query get…

php cloudflare ddos

asked Apr 24 '20 at 19:16

Jack

3,271
11
48
57

10

votes

2 answers

Apache2 mod_evasive vs mod_security with OWASP crs when protecting against DDOS?

Good day, I'm running an Apache2 server in front of a Tomcat and I need to implement a DDOS protection mechanism on the Apache2 layer. I have two candidates: mod_evasive and mod_security2 with the OWASP core rule set. Mod_security is already…

apache tomcat ddos owasp mod-security

asked Oct 28 '13 at 10:10

Martynas Sušinskas

101
1
4

9

votes

2 answers

DDOS in Cloud Run

I am currently running two containers on Cloud Run for my web app (React and Nodejs). I have been looking into how to prevent my apps from DDOS. Any suggestion?

node.js security google-cloud-platform google-cloud-run ddos

asked Sep 09 '20 at 14:17

Communitarian

95
1
5

9

votes

2 answers

Weird socket.io behavior when Node server is down and then restarted

I implemented a simple chat for my website where users can talk to each other with ExpressJS and Socket.io. I added a simple protection from a ddos attack that can be caused by one person spamming the window like this: if…

javascript node.js security socket.io ddos

asked Aug 19 '18 at 18:31

good_evening

21,085
65
193
298

9

votes

4 answers

How to limit the number of characters read by StreamReader.ReadLine() in .NET?

I am writing a web server application in C# and using StreamReader class to read from an underlying NetworkStream: NetworkStream ns = new NetworkStream(clientSocket); StreamReader sr = new StreamReader(ns); String request = sr.ReadLine(); This…

c# readline streamreader ddos

asked Dec 30 '08 at 14:34

Roman Shumikhin

613
2
6
10

9

votes

4 answers

How can I set AWS ELB block too many queries from a given IP?

We have had issues where one IP makes hundreds of requests to our servers, resulting in an overloaded RDS database. Is there a way to set our AWS ELB to block in the case of this DOS-like behavior?

amazon-web-services amazon-elb ddos

asked Feb 09 '16 at 20:50

william tell

4,352
6
23
27

8

votes

0 answers

How to share rate limiting state between traefik instances?

My company runs a kubernetes setup with 6 nodes and traefik 1.6 deployed as a DaemonSet to each node in production. Each traefik instance takes incoming (ssl terminated) requests on port 80 from an AWS ALB and forwards them to the individual…

kubernetes ddos traefik

asked May 03 '18 at 01:28

fruuf

81
1

8

votes

1 answer

How to prevent SSDP reflection / amplification attacks correctly?

I'm implementing a device that ought to respond to SSDP M-SEARCH queries. I'm a device vendor and I don't have control where these devices will be deployed. There's a known DDoS attack that uses SSDP search amplification, that is attacker sends…

security network-programming ddos ssdp

asked Sep 15 '15 at 09:06

Dima Tisnek

11,241
4
68
120

8

votes

3 answers

Dealing with / preventing potentially malicious requests (AWS, Node.js)

I have a server that is running on aws - it's load balanced to some ec2 instances that run node.js servers. The security groups are set up so that only the LB can hit them on the HTTP port. I was tailing some log files, and saw a bunch (50 or so at…

node.js security amazon-web-services amazon-ec2 ddos

asked Dec 15 '13 at 02:00

Jesse

10,370
10
62
81

8

votes

3 answers

Config of nginx to filter http flood

A have a http flood on my server, not so much queries, but anyway. Queries in log 95.55.237.3 - - [06/Sep/2012:14:38:23 +0400] "GET / HTTP/1.0" 200 35551 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)" "-" | "-" 93.78.44.25 - -…

nginx ddos

asked Sep 06 '12 at 10:56

kedoff

125
1
2
5

7

votes

3 answers

How to prevent DOS attacks on my http server which written in node.js?

using node.js, the net module for building a tcp server which can hande http requests. I would like to prevent dos attacks so what I have done is somthing like this: if (status.numOfCurrentRequests + 1 >= MAX_NUM_OF_CONNECTIONS) { socket.end(); …

javascript node.js security ddos

asked Dec 22 '11 at 22:03

0x90

39,472
36
165
245

7

votes

1 answer

Using mod_evasive on a specific directory

I'm trying to limit requests to an API on an internal site I've managed to implement mod_evasive to successfully block requests after a specific amount in a specific time. But this is causing problems for users of the webUI I've tried limiting the…

apache apache2 ddos mod-evasive

asked Aug 25 '11 at 12:36

hipyhop

179
4
12

Questions tagged [ddos]