I don't know about iptables, but you can limit port 80 and 443 with ipfw. I run mine at 10 per IP. I've had corporations behind NAT trigger lesser limits. My point being you don't have to parse the log (swatch). 



Sent: August 1, 2017 8:26 PM
Subject: Re: nginx limit_req and limit_conn not working to prevent DoS attack

You can use an external tool to parse the Nginx error log and block the IP in iptables/netfilter.

On Wed, Aug 2, 2017 at 7:43 AM, Phani Sreenivasa Prasad <[email protected]> wrote:
I assume it would help dropping connections. Since we are setting a rate
limit per IP, and any client IP which is suspicious by sending requests in
bulk (let's say 10000 connections/requests), it makes sense to not accept
connections/requests from that IP.

Thoughts ??

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,275796,275798#msg-275798

_______________________________________________
nginx mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx



--
Anoop P Alias 
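The approach Anoop describes (parse the nginx error log, then block in iptables) and the per-IP limit from the top reply, as an added example in Python that is not code from this thread: it parses constructed nginx error-log lines in the format nginx writes when limit_req or limit_conn rejects a client, counts rejections per IP over a sliding window, and renders the iptables rules for review rather than applying them. The threshold, window, IPs and zone names are assumptions.

```python
"""Added example, not code from the thread: turn nginx limit_req / limit_conn
rejections into per-IP block decisions. Log lines are constructed; their format
follows what nginx writes when a zone rejects a request or connection."""
import re
from datetime import datetime

# Constructed sample in nginx error-log style (assumed IPs from documentation ranges).
SAMPLE_LOG = """\
2017/08/02 10:15:33 [error] 1234#1234: *11 limiting requests, excess: 5.520 by zone "one", client: 192.0.2.10, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2017/08/02 10:15:33 [error] 1234#1234: *12 limiting requests, excess: 6.100 by zone "one", client: 192.0.2.10, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2017/08/02 10:15:34 [error] 1234#1234: *13 limiting connections by zone "addr", client: 192.0.2.10, server: example.com, request: "GET /a HTTP/1.1", host: "example.com"
2017/08/02 10:15:35 [error] 1234#1234: *14 limiting requests, excess: 0.900 by zone "one", client: 198.51.100.7, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2017/08/02 10:20:40 [error] 1234#1234: *15 limiting requests, excess: 7.000 by zone "one", client: 192.0.2.10, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+ \S+) \[error\] .*? limiting (?P<kind>requests|connections)'
    r'.*? by zone "(?P<zone>[^"]+)", client: (?P<ip>[0-9a-fA-F.:]+),'
)

def parse_events(text):
    """Yield (timestamp, ip, kind, zone) for each rejection line; other lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
            yield ts, m["ip"], m["kind"], m["zone"]

def offenders(text, threshold, window_seconds):
    """Return IPs with at least `threshold` rejections inside some window of `window_seconds`."""
    by_ip = {}
    for ts, ip, _kind, _zone in parse_events(text):
        by_ip.setdefault(ip, []).append(ts)
    hits = set()
    for ip, stamps in by_ip.items():
        stamps.sort()
        start = 0  # left edge of the sliding window over this IP's timestamps
        for end, ts in enumerate(stamps):
            while (ts - stamps[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= threshold:
                hits.add(ip)
                break
    return hits

def block_commands(ips, chain="INPUT"):
    """Render DROP rules for ports 80/443; review them first, since NAT users share one IP."""
    return [f"iptables -I {chain} -s {ip} -p tcp -m multiport --dports 80,443 -j DROP"
            for ip in sorted(ips)]
```

Calling `block_commands(offenders(SAMPLE_LOG, 3, 60))` yields one rule, for 192.0.2.10, while 198.51.100.7 tripped the limit only once and is left alone.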

