V
V
Vitaly2017-07-25 09:23:18
DDoS Protection
Vitaly, 2017-07-25 09:23:18

How does CloudFlare attack work?

Hello, my project is under CloudFlare, and recently DDoS attacks have become more frequent, quite unusual, since CF itself does not see a request jump, only traffic (+ 4-8GB in 15 minutes, when the norm is 200mb.), Similarly, on the node, where the project is placed, nginx does not write anything to the logs, but at the same time a bunch of apache processes are created (about +600), as well as a lot of database requests, through mytop you can see that they are all in the sleep state. As far as I understand, bots simply open a connection to the site, and immediately disconnect, at this time apache processes hang until they time out, after which it repeats. I can't figure out how it works, if the apache process launched a script, and that in turn sent a request to the database, why didn't nginx write this request to the log?

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question