During HTTP flood attacks, the request rate of a single zombie server is typically far higher than that of a normal user. The most effective way to defend against this type of attack is to restrict the request rate of the source IP.
You can create custom HTTP flood protection rules to implement restrictions on the request rate.
Note the following points when you use HTTP flood protection:
We recommend that you use Anti-Bot Service for more targeted protection and flexible handling methods.
For example, blocking IP addresses may affect NAT. Anti-Bot Service allows you to use cookies or request parameters to calculate the request rate. You can also use slider captcha to verify the identity of the requester.
If your website targets Chinese users and there are a large portion of HTTP flood attacks originate from international regions, data centers, and public clouds, you can block requests from international regions to mitigate this attack with the Blocked Regions feature in WAF.
Malicious requests in HTTP flood attacks are arbitrarily constructed and contain abnormal or unusual packets compared with normal requests. To handle these requests, you can analyze their features and add HTTP ACL policies to block the malicious requests.
For detailed procedure and how to protect important APIs from abuses, how to prevent malicious scans, fake apps and Web crawlers, please go to Best practices for HTTP flood protection.
HTTP Flood protection helps you block HTTP flood attacks in different modes, including Normal and Emergency. After adding your website to the WAF protection list, you can enable HTTP Flood protection and select an appropriate protection mode for the website. Upon identifying an HTTP flood attack, WAF disconnects from the client to protect your origin. The Business and Enterprise editions support advanced HTTP flood protection.
In this article, you can get the detailed procedure on how to configure HTTP flood protection mode.
The Business and Enterprise editions of Alibaba Cloud WAF support customizing HTTP flood protection rules to apply rate-based access control.
The frequency of certain URLs can be restricted from accessing your server by applying custom protection rules in the console. For example, you can define the following rule: when a single source IP address accesses www.yourdomain.com/login.html for more than 20 times within 10 seconds, then block this IP address for one hour.
By default, your domain protected by the Anti-DDoS Pro instance uses the Normal HTTP flood protection mode. You can change the mode as you needed.
Anti-DDoS Pro also supports custom HTTP flood protection rules for you to customize precise HTTP flood defense rules. You can configure defense rules for specific URLs with this functionality.
In this tutorial, we'll discuss how to deploy Anti-DDoS, Content Delivery Network (CDN), and Web Application Firewall (WAF) all together to accelerate and secure our websites or web applications on Alibaba Cloud. For this solution to work correctly, you must have both Alibaba Cloud domestic and international accounts.
In case of "China service", for those who want to apply Anti-DDoS, CDN, and WAF features together on Alibaba Cloud environment, consider using SCDN(Secure CDN) on a Domestic account and WAF on an International account together. In case of International account, we cannot simultaneously utilize Anti-DDoS and CDN at the time of writing. In this way, this alternative can make it possible, before SCDN product on International account is released. Once again, this scenario works only for Chinese regions.
Alibaba Cloud WAF is a web application firewall that monitors, filters, and blocks HTTP traffic to and from web applications. Based on the big data capacity of Alibaba Cloud Security, Alibaba Cloud WAF helps to defend against common web attacks such as SQL injections, Cross-site scripting (XSS), web shell, Trojan, and unauthorized access, and to filter out massive HTTP flood requests. It protects web resources from being exposed and guarantees website security and availability.
In this video, we show how to use and how to configure Web Application Firewall. WAF will be used to protect the website and we will showcase WAF in action.
Paving the Way in Cloud Native: Alibaba Provides Enterprises with Powerful Solutions
2,599 posts | 763 followers
FollowAlibaba Clouder - July 11, 2019
Alibaba Clouder - July 12, 2019
Alibaba Clouder - February 21, 2020
Alibaba Clouder - July 12, 2019
Alibaba Clouder - December 25, 2020
Alibaba Clouder - January 28, 2021
2,599 posts | 763 followers
FollowA cloud firewall service utilizing big data capabilities to protect against web-based attacks
Learn MoreMore Posts by Alibaba Clouder