Forum Discussion

iRule's avatar
iRule
Icon for Cirrus rankCirrus
Jun 08, 2022

Preventing DDoS attacks on SMS URL

Dear Community,

I am facing DDoS attacks on one of our application. The attacker is sending hundred of requests to a URL, which is consuming all of our SMS quota. The attack is originating from multiple IPs. Please inform how I can protect this application API from this kind of DDoS attack from appliation code level. I need help from application security experts and web developers.

https://abc.com is frontend & xyz.com is backend api 

Sample of DDoS reqeust:

POST /asdf/service/sendmobilecode HTTP/1.1

Host: xyz.com

Authorization: ***********

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36

Content-Type: application/json

Origin: https://abc.com

Referer: https://abc.com/

{"number":"91234567890"}

Kind Regards

 

application delivery
application security
asm
awaf
ddos
development
devops
security

3 Replies

Sort By
  • PSFletchTheTek's avatar
    PSFletchTheTek
    Icon for MVP rankMVP
    Jun 08, 2022

    If this is happening now.

    Call f5 support and raise a sirt call.

    They'll help you with that asap.

    That's what they're there for!

  • AubreyKingF5's avatar
    AubreyKingF5
    Icon for Admin rankAdmin
    Jul 06, 2022

    I concur with the DDoS profile from AWAF. Another thing you could try (much less expensive than AWAF) would be to put up F5 XC WAF in front of it. That is maybe a 5 minute opration to get it WAF'd. If you need help finding your SE to help try it before you buy it, let me know. I'm happy to help.