Hi guys,
I am planning to use nginx as reserve proxy in front my Apache server. Our site is under heavy DoS attack, where attacker sends a lot of malformed HTTP request to flood Apache. I intend to filter out the attacker by:
- Setting up nginx as reserve proxy
- If user connect for the first time, redirect to a test.php page, where a captcha is used to detect if it is really human.
- If pass, a secret cookie is set to identify this user for a period of time. With this cookie, user will be able to go further into Apache.
As a result, I need to have some kind of rewrite rule based on checking cookie value (this is calculated by sha1 REMOTE_ADDR + REQUEST_DATE, for example, for each user). Could anyone suggest a easy way of implementing this with nginx?
Thanks!