Thank you very much Tobias, I'll try that now.
On 31/12/14 09:12, Tobias Eichelbrönner wrote:
Hi Alex,
I search a documentation to stop HTTP flood DDoS attacks with varnish.
Do you have any recommendation ?
you can take a look at:
https://www.varnish-cache.org/vmod/throttle
I don´t think you can find a general documentation dealing with DDos.
It heavily depends on how the attack looks like and what you want to
achieve.
We had some very simple but large DDos attacks we simply could deal with
using some regexes in VCL sending out an error page instead of directing
to the backend.
In other cases you might be able to force a 100% hitrate in varnish,
protecting your backend and then set up a large number of varnishes to
throw out gigibytes of http traffic per second just to sit out the attack.
Sincerely,
Tobias
_______________________________________________
varnish-misc mailing list
[email protected]
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
