Re: [mod-security-users] Working Around Race Conditions in Persistent Storage
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Working Around Race Conditions in Persistent Storage
|
From: Christian F. <chr...@ne...> - 2016-09-08 19:55:46
|
On Thu, Sep 08, 2016 at 07:48:51PM +0000, Barry Pollard wrote: > > the idea protect a application from DOS attacks by some code inside > > the attacked application is simply a pervert one - is, was and ever > > will be > > The idea of protecting the webserver itself from DoS attacks from > within the webserver is indeed wrong. > > However the idea of protecting the application (which typically has a > much lower DoS threshold) using the webserver that sits in front of it > is not so crazy... I think the self-defence is a very natural thought. It's just that it does not really work with DoS. But again, it's perfectly OK to have Apache/ModSecurity as sensor. Just don't let them do the blocking. This frees resources which helps them detect the remaining attackers. Ahoj, Christian -- Do what you can, with what you have, where you are! -- Theodore Roosevelt |
