Limit X petitions per Y unit of time

M

midulc

Member
#3
#3
not effective

In fact is not efective. Today attacks are done with a js code that makes a request per second like a real user, this is ran by thousands of computers. So only ways are cookie checking (urgent and great - see my other post) and this method i told you.

If you dont want to improve litespeed just say it but this is really necessary and im thinking about going back to apache and nginx if not added as i need to stop those attacks this way.
 
N

NiteWave

Administrator
#4
#4
this looks a good post regarding test cookie:
http://umumble.com/blogs/Infosecurity/538/

litespeed's built-in anti-ddos has been approved to be effective to mitigate DDOS in many scenarios, but of course, it's not effective in all cases.

in fact, litespeed already has javascript based anti-ddos module, but how to use it is not decided yet.

the nginx test cookie module surely will give us a nice reference. Thanks.
 
M

midulc

Member
#7
#7
Which rules?

Which rules are you talking about?
Can you tell me the exact rules to put?
Im not just talking about this, but also about the cookies module.
 
W

webizen

Well-Known Member
#8
#8
It is the rules in that blog in the beginning of the thread which you asked about initially.

no ETA for js-based antiddos functions at this point as NiteWave mentioned.
 
M

midulc

Member
#9
#9
Ok

Can you tell me exactly how to put mod_Security rules? I can't get them working.
I installed cpanel and then the module of litespeed for cpanel, what to putthe rules?
Tried and cannot get them working.
Thanks.
 
You must log in or register to reply here.
Top