On Fri, Sep 24, 2021 at 10:05:19AM +0200, Christopher Faulet wrote:
> > So I guess I did just misunderstand the documentation and it would be nice
> > to just clarify it in the docs that haproxy does not support HTTP/1.1
> > pipelining.
>
> I agree. Pipelining should at least be removed from
Le 9/21/21 à 6:00 PM, Stefan Behte a écrit :
Hi Christopher,
thank you for the hint, I'm aware of the different ways to mitigate DDoS with
rate limits etc., I was just curious about the pipelining vector. :)
http://www.haproxy.org/download/2.4/doc/configuration.txt says:
" By default HAProxy
Montag, 20. September 2021 19:04
An: Stefan Behte ; haproxy@formilux.org
Betreff: Re: Disabling HTTP/1.1 pipelining
Le 9/17/21 à 1:20 PM, Stefan Behte a écrit :
> Hi everyone,
>
> surely many on this list have heard about the meris botnet
> (https://krebsonsecurity.com/2021/09/kreb
Le 9/17/21 à 1:20 PM, Stefan Behte a écrit :
Hi everyone,
surely many on this list have heard about the meris botnet
(https://krebsonsecurity.com/2021/09/krebsonsecurity-hit-by-huge-new-iot-botnet-meris/)
which uses HTTP/1.1 pipelining for layer 7 attacks.
As far as I can see, it's not
Hi everyone,
surely many on this list have heard about the meris botnet
(https://krebsonsecurity.com/2021/09/krebsonsecurity-hit-by-huge-new-iot-botnet-meris/)
which uses HTTP/1.1 pipelining for layer 7 attacks.
As far as I can see, it's not possible to disallow HTTP pipelining in haproxy,
so
5 matches
Mail list logo