Forum Discussion
iRule
Cirrus
CirrusPreventing DDoS attacks on SMS URL
Dear Community,
I am facing DDoS attacks on one of our application. The attacker is sending hundred of requests to a URL, which is consuming all of our SMS quota. The attack is originating from multiple IPs. Please inform how I can protect this application API from this kind of DDoS attack from appliation code level. I need help from application security experts and web developers.
https://abc.com is frontend & xyz.com is backend api
Sample of DDoS reqeust:
POST /asdf/service/sendmobilecode HTTP/1.1
Host: xyz.com
Authorization: ***********
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36
Content-Type: application/json
Origin: https://abc.com
Referer: https://abc.com/
{"number":"91234567890"}
Kind Regards
- AubreyKingF5
Moderator
I concur with the DDoS profile from AWAF. Another thing you could try (much less expensive than AWAF) would be to put up F5 XC WAF in front of it. That is maybe a 5 minute opration to get it WAF'd. If you need help finding your SE to help try it before you buy it, let me know. I'm happy to help.
Amine_KadimiMVP
If you have ASM provisionned then use DDOS profile. The hardest part maybe trying to find the tresholds that suit your application usage patterns.
https://support.f5.com/csp/article/K13410341
If this is happening now.
Call f5 support and raise a sirt call.
They'll help you with that asap.
That's what they're there for!
