[CentOS-devel] CentOS services being DDoS'd

Mon Aug 7 14:22:50 UTC 2017
Jeff Sheltren <jeff at tag1consulting.com>

On Mon, Aug 7, 2017 at 5:57 AM, Karanbir Singh <mail-lists at karan.org> wrote:

>
> > I had recommended and Fabian looked at mod-evasive, but has reservations
> > around that.  how do people these days typically handle flood situations
> ?
> >
>

What are the concerns with mod_evasive? I'm not sure if it makes sense to
add Varnish to the mix, but I've been testing the Varnish vsthrottle module
for DoS mitigation, and it seems to work well. The nice part with doing
this in Varnish is it is very customizable within the VCL -- here's an old
post with a small code snippet, but this could be customized to whitelist
based on any header, source IP, etc. which seems to be a lot more flexible
than mod_evasive -- and you may get some caching benefits from Varnish as
well, though not for the larger downloads.
https://old.varnish-cache.org/vmod/vsthrottle-rate-limitingthrottling-v4-and-later

-Jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20170807/a57d3c08/attachment-0008.html>