Hi All,
I am using nginx in our products. When I run goldeneye DoS attack script against nginx, it is not able to defend against the attack and normal users getting impacted.
python goldeneye.py http://<ipaddress> -w 5 -s 10000 -m random -d
we are using below nginx limit_req options but didnt help. The nginx documentation says that, these options are used to limit the request rating limit per key. below is some sample configuration that we tried. The problem is, when we use these nginx options, it still keeps nginx busy responding with 503 or some other error code for all those requests beyond the rate limit . Hence any genuine user when trying to access webserver during the attack time, not getting chance to access our server and timing out or getting 500 error.
http {
limit_req_zone $binary_remote_addr zone=one:10m rate=5r/s;
...
server {
limit_req zone=one ;
...
location /sampleurl/ {
}
(Note: also tried limit_conn options and behavior is same).
Why should nginx respond back with any error code rather it should drop connections !! otherwise it can't protect itself against any DoS attack.
please share the thoughts.