Irule for DDOs Attacks with LC

Question

I have a Link controller module and I´m working with a client that is getting DD0s attacks from random IPs. Can irule stop it?

sebastiansierra · Answer

Hi,If you don't have the F5 modules to protect against DDoS attacks as AFM and ASM you can follow this link:https://support.f5.com/csp/article/K14813&nbsp;

nikoolayy1 · Answer

Hello,
&nbsp;
When you say random ip addresses if they rotate too much then you may need bot protection like shape that can be integrated with F5 or with the backend server code with shape enterprise defense.
&nbsp;
Still if during the attack if a single ip address is causing too much traffic even random one you can rate limit it. This will be good for HTTP VIP or HTTPS VIP where you do a decryption:
&nbsp;
https://community.f5.com/t5/technical-forum/f5-irule-table-command-rate-limit-or-block-http-requests-in-two/m-p/295250#M258952
&nbsp;
&nbsp;
If the DDOS is volumetric at layer 3/4 better have scrubbing center beforethat like Silverline or your ISP can provide you such functions for extra payment.

Forum Discussion

Irule for DDOs Attacks with LC

2 Replies

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

PCI Compliance and ASM

irule for redirect and header injection

What happens if I activate only ASM without provisioning LTM?

Implement load balancing solution with constraints

How to Block Source IP for 24 Hours After TPS Violation (F5 DoS / iRule / SSL Proxy Setup)

Related Content

DDoS Attack Trends for 2021

Real Attack Stories: Bank Gets DDoS Attacked

Scrubbing away DDoS attacks

Real Attack Stories: DDoS Against Email Provider

Real Attack Stories: Online Payment Center DDoS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS