varnish 2.15 - possible security exploit?
kongfranon at gmail.com
Tue Feb 22 15:10:50 CET 2011
I was curious does anyone know of any serious security exploits that
can use varnish as an open proxy?
The reason I ask is we just put up 3 varnish servers, and about 4 days
after we started to get a DDOS attack.
If anything the varnish servers really helped offload it. We are
still unders attack for at least 12 hours +
The reason why I am thinking that some sort of exploit might be going
on is, looking at the varnish logs I was seeing some url's for domains
we do not even own. I am not sure how get requests are coming through
for not our own domain's? Majority of get are for us, but 10% or so
It could have been just a coicendence that we got a DDOS attack a few
days after, and glad I had varnish in, becuase we were getting over
3,000 req/sec, which our web servers definitely could not handle.
Thanks for any suggestions.
More information about the varnish-misc