Hello, My NGINX got a denial of service. The machine proxied large files using "proxy_store". Someone was creating an artifical request for a rarely used file, causing NGINX to download a big file from upstream, then he immediately closed the connection. NGINX continued to download this file. Then he did the same again with some other rarely used file. Within a couple of minutes I had thousands of connections, downloading huge files from the backend.
My solution was, to add a small feature: proxy_ignore_client_abort 10%; If the server did not download at least 10% from the backend-machine, he closes the connection to the backend as soon as the client closed the connection to the server, even if "proxy_store" was used. The patch: http://doppelbauer.name/abort-upstream-161.patch Thanks a lot Markus Posted at Nginx Forum: http://forum.nginx.org/read.php?2,252594,252594#msg-252594 _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
