How stop DDOS with Varnish ?

Tobias Eichelbrönner tobias.eichelbroenner at
Wed Dec 31 09:12:32 CET 2014

Hi Alex,

> I search a documentation to stop HTTP flood DDoS attacks with varnish.
> Do you have any recommendation ?

you can take a look at:

I don´t think you can find a general documentation dealing with DDos.
It heavily depends on how the attack looks like and what you want to

We had some very simple but large DDos attacks we simply could deal with
using some regexes in VCL sending out an error page instead of directing
to the backend.

In other cases you might be able to force a 100% hitrate in varnish,
protecting your backend and then set up a large number of varnishes to
throw out gigibytes of http traffic per second just to sit out the attack.



LAMP solutions GmbH
Gostenhofer Hauptstrasse 35
90443 Nuernberg

Amtsgericht Nuernberg: HRB 22366
Geschaeftsfuehrer: Heiko Schubert

Es gelten unsere allgemeinen Geschaeftsbedingungen.

Telefon      : 0911 / 376 516 0
Fax          : 0911 / 376 516 11
E-Mail       : support at
Web          :
Facebook     :
Twitter      :!/lampsolutions

More information about the varnish-misc mailing list