dariakharlan/slowloris-defence

Slowloris nginx defence example

How to run

docker-compose up -d --build

Access the nginx default page locally at http://localhost:8080

What was done to mitigate the attack

  1. Limiting the number of connections from a single IP address: added the following config to the nginx default.conf file
    limit_conn_zone $binary_remote_addr zone=addr:10m;
    
    server {
        ...
        location / {
            limit_conn addr 10;
            ...
        }
        ...
    }
    
  2. Closing slow connections: added the following config to the nginx default.conf file
    server {
        ...
        
        client_body_timeout 5s;
        client_header_timeout 5s;
    
        ...
    }
    
  3. Increasing the NGINX worker connections limit: added the following config to the nginx nginx.conf file
    events {
        worker_connections  100000;
    }
    
  4. Increasing the user’s open file limit: added the following config to the nginx container in the docker-compose.yml file
    ulimits:
      nofile:
        soft: "100000"
        hard: "100000"
  5. Increasing the open files limit for NGINX worker processes: added the following config to the nginx nginx.conf file
    worker_rlimit_nofile 102400;
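
To confirm that mitigations 1 and 2 are actually firing, the nginx error log can be summarized per client. The script below is an added example, not code from this repository; the log lines are constructed samples in nginx's error_log format, the function names are hypothetical, and it assumes error_log is set to the info level (header timeouts are logged at info) with the zone named addr as above.

```python
import re
from collections import Counter

# Constructed sample lines in nginx's error_log format (not captured from this repo).
# Assumption: error_log runs at "info", because "client timed out" is an info message;
# limit_conn rejections are logged at "error" by default.
SAMPLE_LOG = """\
2024/05/01 10:00:06 [info] 7#7: *11 client timed out (110: Connection timed out) while reading client request headers, client: 172.18.0.3, server: 0.0.0.0:80
2024/05/01 10:00:06 [info] 7#7: *12 client timed out (110: Connection timed out) while reading client request headers, client: 172.18.0.3, server: 0.0.0.0:80
2024/05/01 10:00:07 [error] 7#7: *40 limiting connections by zone "addr", client: 172.18.0.3, server: localhost, request: "GET / HTTP/1.1", host: "nginx"
2024/05/01 10:00:07 [error] 7#7: *41 limiting connections by zone "addr", client: 172.18.0.3, server: localhost, request: "GET / HTTP/1.1", host: "nginx"
2024/05/01 10:00:09 [info] 7#7: *52 client timed out (110: Connection timed out) while reading client request headers, client: 172.18.0.9, server: 0.0.0.0:80
2024/05/01 10:00:10 [notice] 1#1: signal 17 (SIGCHLD) received from 8
"""

CLIENT = re.compile(r"client: (?P<ip>[0-9a-fA-F.:]+)")
SIGNALS = {
    # limit_conn addr 10; rejected a connection over the per-IP limit
    "limit_conn": re.compile(r'limiting connections by zone "addr"'),
    # client_header_timeout 5s; closed a connection that never finished its headers
    "header_timeout": re.compile(r"client timed out .*while reading client request headers"),
}

def summarize(log_text):
    """Count, per client IP, how often each mitigation fired."""
    counts = {name: Counter() for name in SIGNALS}
    for line in log_text.splitlines():
        client = CLIENT.search(line)
        if not client:
            continue  # lines without a client field (e.g. master process notices)
        for name, pattern in SIGNALS.items():
            if pattern.search(line):
                counts[name][client.group("ip")] += 1
    return counts

def suspects(log_text, threshold=3):
    """Client IPs whose combined rejections and header timeouts reach the threshold."""
    total = Counter()
    for per_signal in summarize(log_text).values():
        total.update(per_signal)
    return sorted(ip for ip, n in total.items() if n >= threshold)

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
    print(suspects(SAMPLE_LOG))
```

A single slow client on a bad link produces an occasional header timeout; a client that accumulates both header timeouts and limit_conn rejections in a short window is the pattern these settings are meant to cut off.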
    

Sources used

  1. Nginx blog article
  2. HEXADIX blog article

The Slowloris implementation was forked from https://github.com/valyala/goloris, and its POST requests were replaced with GET so that requests can be made to the Nginx static page (Nginx forbids POST requests to static pages).
