How stop DDOS with Varnish ?
Tobias Eichelbrönner
tobias.eichelbroenner at lamp-solutions.de
Wed Dec 31 09:12:32 CET 2014
Hi Alex,
> I search a documentation to stop HTTP flood DDoS attacks with varnish.
> Do you have any recommendation ?
you can take a look at:
https://www.varnish-cache.org/vmod/throttle
I don´t think you can find a general documentation dealing with DDos.
It heavily depends on how the attack looks like and what you want to
achieve.
We had some very simple but large DDos attacks we simply could deal with
using some regexes in VCL sending out an error page instead of directing
to the backend.
In other cases you might be able to force a 100% hitrate in varnish,
protecting your backend and then set up a large number of varnishes to
throw out gigibytes of http traffic per second just to sit out the attack.
Sincerely,
Tobias
--
LAMP solutions GmbH
Gostenhofer Hauptstrasse 35
90443 Nuernberg
Amtsgericht Nuernberg: HRB 22366
Geschaeftsfuehrer: Heiko Schubert
Es gelten unsere allgemeinen Geschaeftsbedingungen.
http://www.lamp-solutions.de/agbs/
Telefon : 0911 / 376 516 0
Fax : 0911 / 376 516 11
E-Mail : support at lamp-solutions.de
Web : www.lamp-solutions.de
Facebook : http://www.facebook.com/LAMPsolutions
Twitter : http://twitter.com/#!/lampsolutions
More information about the varnish-misc
mailing list