Forum Discussion

Nimbostratus

May 08, 2014

Throttling 404 requests to protect against DoS attacks

First off, I would like to say that calling me a noob would be an insult to noobs. With that said! I am investigating the possibility of throttling 404 requests in order to prevent potential DoS att...

Cirrostratus

May 08, 2014

I'm not sure you've thought this through. Wouldn't an attacker prefer to make multiple requests for correct but 'heavy' URLs? What happens if someone makes a mistake coding a web page and genuine clients make invalid requests because of it?

Whilst it's more than possible to use an iRule to meet your stated goal, introducing logic to reduce false negatives and cover other eventualities will make it very complex and considering other possible attack vectors it's probably not worth the effort.

ASM is of course an option.

Forum Discussion

Throttling 404 requests to protect against DoS attacks

Recent Discussions

Wildcard SSL Certificate Deployment on F5 LTM

Migration from i series 10200 with 1 child VCMP to r series 10900 series

Open Redirection Mitigation

GTM Packet Capture command

How to Implement 2 Way SSL in F5 LTM

Related Content

HTTP Request Throttle

Beyond REST: Protecting GraphQL

HTTP Request Throttle by IP and UserAgent

L7 DoS Protection with NGINX App Protect DoS

How To Protect Your Applications from Cross Site Request Forgery (CSRF) with F5 Distributed Cloud