LSProxy is a reverse proxy that defends against low and slow DDoS attacks (LSDDoS), a kind of application-layer denial-of-service (DoS) attack that drains a server's resources by sending packets at a very slow data rate. There are three kinds of LSDDoS: slow header attacks, slow body attacks and slow read attacks. This solution can protect both Apache and Nginx servers, doesn't require additional server-side modifications (which could turn into a tedious task for web admins), and tolerates low-bandwidth users (meaning that users' connections won't be dropped just because their network is slow).
- Adjust the parameters.
  - Adjust the macros defined in `ls_proxy.h` to your own needs.
- Compile and test.

  ```
  $ make
  $ make test
  ```

  - [Caution!] To satisfy the build dependencies and the security needs, it will:
    - Install packages: `g++-10`, `libevent-dev`.
    - Modify files: `/etc/security/limits.conf`, `/etc/systemd/system.conf`, `/proc/sys/fs/file-max`, `/proc/sys/net/ipv4/tcp_syn_retries`.
  - We recommend trying it out in a VM or Docker.
- Execute. (See more options via `ls_proxy -h`.)

  ```
  $ ./ls_proxy 8080 localhost
  ```

  - It can also be run in the background like this: `./ls_proxy 8080 localhost >$(date -Isec).log 2>&1 &`.
- (optional) Configure DNS records.
  - Since LSProxy acts as a reverse proxy, we might want to associate our domain name with its IP address.
  - While testing other sites, one can create temporary DNS mappings via the hosts file. For example, adding a line to `/etc/hosts` would do the trick on Linux:

    ```
    127.0.0.1 www.wangafu.net
    ```
- Text only: http://www.wangafu.net/~nickm/libevent-book/
- With images: http://linux.vbird.org/
- Large files: http://free.nchc.org.tw/ubuntu-cd/
- Interactive: http://www.dailysudoku.com/sudoku/play.shtml?today=1
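
Because the "Compile and test" step edits system-wide files, a before/after snapshot shows exactly what it changed on the host. The script below is an added example, not part of LSProxy; the function names, the `ROOT` override and the snapshot directory are assumptions.

```shell
#!/bin/sh
# Added example: snapshot the files the README says the build modifies, then
# report what changed. ROOT is an assumed override (default: real "/") so the
# functions can also be run against a scratch directory tree.
LSP_FILES="etc/security/limits.conf etc/systemd/system.conf
proc/sys/fs/file-max proc/sys/net/ipv4/tcp_syn_retries"

# lsp_snapshot DIR: copy the current content of each file into DIR.
lsp_snapshot() {
    snap=$1
    for f in $LSP_FILES; do
        mkdir -p "$snap/$(dirname "$f")"
        if [ -r "${ROOT:-}/$f" ]; then
            cat "${ROOT:-}/$f" > "$snap/$f"
        else
            : > "$snap/$f.missing"      # remember that it did not exist
        fi
    done
}

# lsp_changed DIR: print "changed: PATH" plus a unified diff for every file
# that differs from the snapshot. Returns 0 if nothing changed, 1 otherwise.
lsp_changed() {
    snap=$1
    rc=0
    for f in $LSP_FILES; do
        if [ -e "$snap/$f.missing" ]; then
            if [ -e "${ROOT:-}/$f" ]; then
                echo "changed: /$f (created)"
                rc=1
            fi
        elif ! cmp -s "$snap/$f" "${ROOT:-}/$f"; then
            echo "changed: /$f"
            diff -u "$snap/$f" "${ROOT:-}/$f" || true
            rc=1
        fi
    done
    return "$rc"
}

# Typical use (run in the VM or container):
#   lsp_snapshot /tmp/lsp-before && make && make test
#   lsp_changed /tmp/lsp-before
```

Keeping the snapshot directory also gives you the original contents to restore from if you later remove LSProxy.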
With the exception of the nodejs/llhttp source code, LSProxy is licensed under the MIT license.