For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

court_c_brown_1's avatar
court_c_brown_1
Icon for Nimbostratus rankNimbostratus
May 08, 2014

Throttling 404 requests to protect against DoS attacks

First off, I would like to say that calling me a noob would be an insult to noobs. With that said! I am investigating the possibility of throttling 404 requests in order to prevent potential DoS att...
application delivery
deployment
devops
iRules
What_Lies_Bene1's avatar
What_Lies_Bene1
Icon for Cirrostratus rankCirrostratus
May 08, 2014

I'm not sure you've thought this through. Wouldn't an attacker prefer to make multiple requests for correct but 'heavy' URLs? What happens if someone makes a mistake coding a web page and genuine clients make invalid requests because of it?

 

Whilst it's more than possible to use an iRule to meet your stated goal, introducing logic to reduce false negatives and cover other eventualities will make it very complex and considering other possible attack vectors it's probably not worth the effort.

 

ASM is of course an option.