Aenn Seidhe Priest schrieb:
Hello,
a webserver is under attack.
What's required is some kind of filtering software and a firewall that
could do the following:
pass only valid HTTP GET requests and block all other HTTP methods (PUT,
OPTIONS, CONNECT, etc.), possibly validate HTTP GET requests by matching to
local paths;
optionally disable HTTP 1.1 requests;
block excessively long URLs;
have an extensions whitelist/blacklist;
the firewall would have to have an option to auto-ban for flooding, and
restrict the simultaneous number of requests/connections from a single IP.
in case your webserver is an apache have you already checked out
mod_evasive (http://www.zdziarski.com/projects/mod_evasive/). Haven't
tried it myself, but on their page they write: "mod_evasive is an
evasive maneuvers module for Apache to provide evasive action in the
event of an HTTP DoS or DDoS attack or brute force attack"...
greets, frank.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
