Hello,
As my site is in danger of ddos attacks I've got the question, how to protect nginx agains ddos?
Some russian Hosters have a http ddos migration that works follow:
The users requests as example URl/index.php?foobar=4, the user get first a blank html site with some javascript code into which set a cookie and then the user the forwarded to index.php?foobar=4. If it is a bot, they mostly can not accept cookies.
And if the cookie is setted, the user dont get anymore to the blank site, he can directly access the full page.
As I know this is very effective, have anyone an idea where I could get such script / how to configure? What else methods of protection are there ( ofc I will block ICMP etc. by iptables ):?
Thanks
PS: If there is any one experienced I would also pay for a good setup!