
I'm trying to configure NginX (in combination with Passenger and Rails) to prevent "Slow HTTP Denial of Service".

What I'm trying to do to prevent it is limiting the number of requests per connection to 5 and decreasing the timeouts.

This is my configuration:

```nginx
worker_processes  1;

...

events {
    worker_connections  1024;
}

http {

    ...

    limit_conn_zone $binary_remote_addr zone=addr:10m;
    limit_conn addr 5;

    client_body_timeout 15;
    client_header_timeout 15;
    keepalive_timeout 15;
    send_timeout 15;

    ...
    server {
        ...
    }
}
```

Our testing software, QualysGuard, says it's still not prevented against Slow HTTP DoS.

Would this even work, or is the configuration itself incorrect?

Tim Baas
  • Why only one worker process? Have you seen http://serverfault.com/q/281581/211028 – Alexey Ten May 07 '14 at 04:48
  • @AlexeyTen I don't know, it was like that when I first saw it. Would more `worker_processes` and less `worker_connections` be better? – Tim Baas May 07 '14 at 08:17
  • They both should be increased. See also http://stackoverflow.com/q/7325211/1016033 – Alexey Ten May 07 '14 at 08:36
  • Wow, thanks dude! Never knew our settings were this low! – Tim Baas May 07 '14 at 09:53
  • I think this link can be really helpful with your configuration. [Slowloris DoS Attack / Nginx Configuration](https://hexadix.com/slowloris-dos-attack-mitigation-nginx-web-server/) – ngrammen Apr 17 '19 at 08:24
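
An added example, not part of the question or its comments: a small Python check that reads the directives from the configuration above and reports the effective timeouts and how the per-address `limit_conn` value relates to the total connection pool (`worker_processes` × `worker_connections`), the settings the comments call too low. The names `parse_directives`, `seconds` and `audit` are hypothetical, the parser handles only simple unquoted directives, and the embedded config is the question's with its elisions dropped.

```python
import re

# Constructed sample: the directives from the question's config, elisions dropped.
SAMPLE_CONF = """
worker_processes 1;
events { worker_connections 1024; }
http {
    limit_conn_zone $binary_remote_addr zone=addr:10m;
    limit_conn addr 5;
    client_body_timeout 15;
    client_header_timeout 15;
    keepalive_timeout 15;
    send_timeout 15;
}
"""

# nginx's documented defaults in seconds, used when a directive is absent.
TIMEOUT_DEFAULTS = {"client_header_timeout": 60, "client_body_timeout": 60,
                    "keepalive_timeout": 75, "send_timeout": 60}

def parse_directives(conf):
    """Map directive name -> argument list (simple, unquoted directives only)."""
    found = {}
    for stmt in re.split(r"[;{}]", re.sub(r"#[^\n]*", "", conf)):
        words = stmt.split()
        if words:
            found[words[0]] = words[1:]
    return found

def seconds(arg):
    """'15' -> 15, '15s' -> 15, '2m' -> 120; None for forms not handled here."""
    m = re.fullmatch(r"(\d+)([smh]?)", arg)
    return int(m.group(1)) * {"": 1, "s": 1, "m": 60, "h": 3600}[m.group(2)] if m else None

def audit(conf):
    d = parse_directives(conf)
    timeouts = {k: seconds(d[k][0]) if k in d else v for k, v in TIMEOUT_DEFAULTS.items()}
    procs = d.get("worker_processes", ["1"])[0]           # nginx default: 1
    conns = int(d.get("worker_connections", ["512"])[0])  # nginx default: 512
    pool = int(procs) * conns if procs.isdigit() else None  # 'auto' unknown offline
    # limit_conn caps concurrent connections per key (here the client address);
    # it does not count requests.
    per_addr = int(d["limit_conn"][-1]) if "limit_conn" in d else None
    return {"timeouts": timeouts, "pool": pool, "per_addr": per_addr,
            # number of addresses, each at its limit, that occupy the whole pool
            "addrs_to_fill_pool": -(-pool // per_addr) if pool and per_addr else None}

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Per the nginx documentation, `client_body_timeout` and `send_timeout` apply between two successive read or write operations rather than to the whole transfer, so the reported values bound idle gaps, not total connection lifetime.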
