Security VCL Connection Tracking

Neha Chriss nchriss at gmail.com
Thu May 3 17:48:42 CEST 2012


Hello

I am wondering if any one can recommend a method of identifying repeated
POST attempts to a single URI with Security VCL or through some native
varnish mechanism. I am currenlty using security vcl as a WAF with the
modsecurity CRS. We occasionally have malicious users who will attempt to
bruteforce promotions codes, or, alternative, attempt to scan our web
application for vulnerabilities. I am looking for a way to mitigate these
risks at the WAF-layer.. any suggestions?


cheers,
Neha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20120503/edd63661/attachment.html>


More information about the varnish-misc mailing list