cancel
Showing results for 
Search instead for 
Did you mean: 

Preventing DDoS attacks on SMS URL

iRule
Cirrus
Cirrus

Dear Community,

I am facing DDoS attacks on one of our application. The attacker is sending hundred of requests to a URL, which is consuming all of our SMS quota. The attack is originating from multiple IPs. Please inform how I can protect this application API from this kind of DDoS attack from appliation code level. I need help from application security experts and web developers.

https://abc.com is frontend & xyz.com is backend api 

Sample of DDoS reqeust:

POST /asdf/service/sendmobilecode HTTP/1.1

Host: xyz.com

Authorization: ***********

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36

Content-Type: application/json

Origin: https://abc.com

Referer: https://abc.com/

{"number":"91234567890"}

Kind Regards

 

3 REPLIES 3

PSFletchTheTek
Cirrocumulus
Cirrocumulus

If this is happening now.

Call f5 support and raise a sirt call.

They'll help you with that asap.

That's what they're there for!

If you have ASM provisionned then use DDOS profile. The hardest part maybe trying to find the tresholds that suit your application usage patterns.

https://support.f5.com/csp/article/K13410341

 

AubreyKingF5
Community Manager
Community Manager

I concur with the DDoS profile from AWAF. Another thing you could try (much less expensive than AWAF) would be to put up F5 XC WAF in front of it. That is maybe a 5 minute opration to get it WAF'd. If you need help finding your SE to help try it before you buy it, let me know. I'm happy to help.