OptimalBits / redbird

A modern reverse proxy for node
BSD 2-Clause "Simplified" License
4.41k stars 279 forks source link

autoban functionality. #40

Open manast opened 8 years ago

manast commented 8 years ago

We should have some mechanism to autoban ips that tries to makes attacks by some rules:

KpjComp commented 7 years ago

Having some sort of DDOS attack protection in redbird would be great..

But rather than banning, may I offer another suggestion.. Just progressively slow down requests, something v.simple in Node. Of course the hardest part here is getting a good algorithm that slows down in a sensible way,.. eg. slowing down requests because favion.ico or robots.txt was requested wouldn't be ideal..

The really nice thing about slowing down, rather than banning. It's holding the DDOS attackers resources., without having much effect on ours.

ghost commented 5 years ago

@manast @KpjComp I think it would be a lot better to have some sort of security extension API or middleware, so we could write our own code and do both banning and slowing down or even more... It would be fun to filter spam before it reaches the server for example. I am not sure whether we can read the messages or just monitor the traffic though. In general it is a lot better to let others work on these kind of features and concentrate on the primary topic instead. That's why for example nodejs or the facebook API is successful. Using those 4k developers who starred the project would be wise.