DoS and NTLM Brute force protection for HTTP(s) traffic
Problem this snippet solves: This snippet has been designed to mainly protect against NTLM's Denial of Service and brute force attacks against web application that use this authentication mecanism. ...
Published Jun 03, 2016
Version 1.0Yann_Desmarest
Cirrus
Joined September 11, 2012
Yann_Desmarest
Cirrus
Joined September 11, 2012
Yann_Desmarest
Mar 06, 2018Cirrus
Hi Antony,
It looks like you are not using NTLM authentication on your backend. The following line of code log an invalid authentication attempt for an ntlm user:
log $static::log_pri "[virtual] - invalid credentials detected for $ntlm_user"
If you are using different kind of authentication than NTLM, you should change this code snippet to match your needs
Hope it helps
Yann