Going crazy to mitigate slow read
gc at ants.eu
Fri Mar 9 10:35:48 CET 2012
I've got few servers with varnish + apache on loopback.
Modsecurity mitigate the problem on the only apache side, but fails with
apache + varnish.
I'm using mod_rpaf to get the right ip address, but probably something
I would like to get another approach and try to block the attack
completely in varnish.
In apache, some directive say: "if there are enough connection from this
ip in READ/WRITE state, reject incoming connections from that ip"
Is there a way to do so in varnish?
More information about the varnish-misc