Forum Discussion

Nimbostratus

Jun 19, 2009

Slowloris

Does any know how ASM would handle this recently posted Denial of Service attack: http://ha.ckers.org/slowloris/ The concept is the client hogs sockets by slowly tricklin...

app sec

BIG-IP Access Policy Manager (APM)

security

David_Holmes_9

Historic F5 Account

Aug 16, 2011

Lukas,

Are you load-balancing a mix of HTTP and HTTPS traffic through your virtual? Typically one would have HTTP traffic going to one virtual (80 for example) and HTTPS traffic to another (on port 443 for example). Both would still use the http profile. However, if you are indeed handling a mix of traffic through a single virtual then you can still accomplish what you want (slowloris protection) but it will require some iRule action (to turn off the https profile for connections that don't need it).

Hope this helps.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)