Hi Alex, > I search a documentation to stop HTTP flood DDoS attacks with varnish. > Do you have any recommendation ?
you can take a look at: https://www.varnish-cache.org/vmod/throttle I don´t think you can find a general documentation dealing with DDos. It heavily depends on how the attack looks like and what you want to achieve. We had some very simple but large DDos attacks we simply could deal with using some regexes in VCL sending out an error page instead of directing to the backend. In other cases you might be able to force a 100% hitrate in varnish, protecting your backend and then set up a large number of varnishes to throw out gigibytes of http traffic per second just to sit out the attack. Sincerely, Tobias -- LAMP solutions GmbH Gostenhofer Hauptstrasse 35 90443 Nuernberg Amtsgericht Nuernberg: HRB 22366 Geschaeftsfuehrer: Heiko Schubert Es gelten unsere allgemeinen Geschaeftsbedingungen. http://www.lamp-solutions.de/agbs/ Telefon : 0911 / 376 516 0 Fax : 0911 / 376 516 11 E-Mail : [email protected] Web : www.lamp-solutions.de Facebook : http://www.facebook.com/LAMPsolutions Twitter : http://twitter.com/#!/lampsolutions _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
