Request challenging

Andrei lagged at gmail.com
Sat Nov 12 10:49:57 CET 2016


Hello all,

I've been digging into some mitigation techniques to protect the backend,
and am currently up to a request challenging feature similar to how
Cloudflare introduces a CAPTCHA request in order to let the end user's
request through. Has anyone had any success with this sort of method, or
can give some suggestions on how to implement without causing too much
overhead? Initially I was thinking of routing requests through a different
backend who's main purpose would be to "challenge requests" by responding
with a captcha, then set temporary global variables to store the IP
results, and either cut the request or restart through the domain related
backend. Similar to this I was thinking I could just inject the Javascript
challenge right into the initial request without rerouting, but I'm not
quite sure if that's even possible with Varnish. Any input and suggestions
would be greatly appreciated!

Have a great weekend everyone!

Andrei
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20161112/5744e83c/attachment.html>


More information about the varnish-misc mailing list