Scribd
Upload
16 views

Demo Defense

Defend DDOS by Nginx

Uploaded by

Khang Trịnh Ngọc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
16 views

Demo Defense

Defend DDOS by Nginx

Uploaded by

Khang Trịnh Ngọc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

IV.

Demo using NGINX to defense DDOS:


Firstly,i want to introduce you to Nginx.It is a web server which also can be used as a
reverse proxy, load balancer, mail proxy and HTTP cache.
But in this project, i will use Nginx as a reverse proxy,put it in a Ubuntu server,and use
HTTP cache funtion.Each HTTP request of each IP will be save in cache.Each time,when a
HTTP request come to server,it will check for the IP address,if this address come over the
rating like 25 requests/s when we just allow to each IP request 15 requests/s,it will send
status 503 to client which may be used as a bot to DDOS our server.If IP address is allow,it
will be automaticly redirect to web server that client want to connect listen at port 1200.
Now,we come to pratice,we write a Nodejs program that can make a GET HTTP request
per 0.001s,so in 1s,it can make many request to server depend on the Internet.When we
were not use Nginx yet,the outcome will be like this:

At the beginning,server response 200,that mean server is ok,users get what they want,but
after that,we get the response :
As we can see,the status response is 500,it mean server is error,it can not serve other user
(actually,this server is weak,so we can DOS easy,but even server can load more
request,when mutil computer run this program,server can not response anymore).
It is very dangerous when we have more computer and run this program.
So,let install Nginx and litmit the request per second to 100,if the request is valid,it will
connect to port 1200,which is the right port that user needed.
After connecting to server and install Nginx,we will config Nginx like this:
Now,we will try run the program again,we will get:

There are some response 200 and almost 503(server are not available),it mean that request
will not be served by server running at port 1200,and legal user can access successfully.

You might also like