When the client interacted with the server, there was a timing design error, which caused the server to receive more than 300,000 requests in 10 minutes. The pressure on the PHP backend increased instantly and caused it to collapse.
The current solution is that since repeated requests within a short period of time obtain the same content, requests with special parameters are directly dropped at the Nginx layer and no results are returned directly.
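The code is as follows:

```nginx
# Answer matching requests directly from Nginx with a canned empty result,
# so they never reach the PHP backend.
if ($query_string ~ "api=(getpush|remove)") {
    return 200 '{"resultStatus":1,"allCount":0,"data":[]}';
    break;
}
```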
This solution is not perfect, for example, it only blocks 90% of requests, or it only takes effect within a specified time. I wonder if any students have similar anti-attack solutions?
我想大声告诉你 2017-05-16 17:27:34
You can consider using an upstream, setting a weight, and transferring 90% of requests to a dummy interface.
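
The weighted-upstream idea from the answer above, written out as an added example that is not part of the original thread. The addresses, ports and upstream names are assumptions, as is a PHP backend that is reachable over HTTP on 127.0.0.1:8080.

```nginx
# Added example for the http {} context. Addresses, ports and names are assumptions.

# Real backend on its own, used for all normal traffic (assumed to speak HTTP).
upstream php_backend {
    server 127.0.0.1:8080;
}

# Shedding pool: weighted round-robin sends 9 of every 10 requests to the
# dummy interface and 1 of every 10 to the real backend.
upstream shed_pool {
    server 127.0.0.1:8081 weight=9;  # dummy interface (defined below)
    server 127.0.0.1:8080 weight=1;  # real PHP backend
}

# Same match as the rule in the question, selected with map instead of "if".
map $query_string $api_pool {
    default                  php_backend;
    "~api=(getpush|remove)"  shed_pool;
}

# Dummy interface: answers locally with the canned empty result.
server {
    listen 127.0.0.1:8081;
    default_type application/json;
    location / {
        return 200 '{"resultStatus":1,"allCount":0,"data":[]}';
    }
}

# Public server: no URI part in proxy_pass, so the original request URI
# and query string are forwarded unchanged to whichever pool was selected.
server {
    listen 80;
    location / {
        proxy_pass http://$api_pool;
    }
}
```

Adjust the two weights to change the share that reaches PHP. The 90/10 split is approximate, because each worker process keeps its own round-robin state.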