How stop DDOS with Varnish ?
Alexandre
infos at opendoc.net
Wed Dec 31 09:17:55 CET 2014
Thank you very much Tobias, I'll try that now.
On 31/12/14 09:12, Tobias Eichelbrönner wrote:
> Hi Alex,
>
>> I search a documentation to stop HTTP flood DDoS attacks with varnish.
>> Do you have any recommendation ?
>
> you can take a look at:
> https://www.varnish-cache.org/vmod/throttle
>
> I don´t think you can find a general documentation dealing with DDos.
> It heavily depends on how the attack looks like and what you want to
> achieve.
>
> We had some very simple but large DDos attacks we simply could deal with
> using some regexes in VCL sending out an error page instead of directing
> to the backend.
>
> In other cases you might be able to force a 100% hitrate in varnish,
> protecting your backend and then set up a large number of varnishes to
> throw out gigibytes of http traffic per second just to sit out the attack.
>
> Sincerely,
>
> Tobias
>
>
More information about the varnish-misc
mailing list