Hello everyone, I would like to hear your opinion on how you would approach this problem.
We have two Varnish servers running in a load-balancing cluster that cache TYPO3-based websites. We keep having the problem that script kiddies like to flood the server with requests and probes for vulnerable web applications.
Basically, a WAF is connected upstream of the servers, but every now and then something gets through that isn't detected. This sometimes puts stress on our backend servers, so I'm thinking about how best to deal with it. Mod vsthrottle came to mind, i.e. slowing everything down once a certain request rate is reached. But of course, I don't want to affect ‘real’ requests. What comes to mind for you?
Best regards! Christian
smime.p7s
Description: Kryptografische S/MIME-Signatur
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
