Re: AW: Disabling HTTP/1.1 pipelining

On Fri, Sep 24, 2021 at 10:05:19AM +0200, Christopher Faulet wrote: > > So I guess I did just misunderstand the documentation and it would be nice > > to just clarify it in the docs that haproxy does not support HTTP/1.1 > > pipelining. > > I agree. Pipelining should at least be removed from

Re: AW: Disabling HTTP/1.1 pipelining

Le 9/21/21 à 6:00 PM, Stefan Behte a écrit : Hi Christopher, thank you for the hint, I'm aware of the different ways to mitigate DDoS with rate limits etc., I was just curious about the pipelining vector. :) http://www.haproxy.org/download/2.4/doc/configuration.txt says: " By default HAProxy

AW: Disabling HTTP/1.1 pipelining

Montag, 20. September 2021 19:04 An: Stefan Behte ; haproxy@formilux.org Betreff: Re: Disabling HTTP/1.1 pipelining Le 9/17/21 à 1:20 PM, Stefan Behte a écrit : > Hi everyone, > > surely many on this list have heard about the meris botnet > (https://krebsonsecurity.com/2021/09/kreb

Re: Disabling HTTP/1.1 pipelining

Le 9/17/21 à 1:20 PM, Stefan Behte a écrit : Hi everyone, surely many on this list have heard about the meris botnet (https://krebsonsecurity.com/2021/09/krebsonsecurity-hit-by-huge-new-iot-botnet-meris/) which uses HTTP/1.1 pipelining for layer 7 attacks. As far as I can see, it's not

Disabling HTTP/1.1 pipelining

Hi everyone, surely many on this list have heard about the meris botnet (https://krebsonsecurity.com/2021/09/krebsonsecurity-hit-by-huge-new-iot-botnet-meris/) which uses HTTP/1.1 pipelining for layer 7 attacks. As far as I can see, it's not possible to disallow HTTP pipelining in haproxy, so