Nginx or Varnish against Slowloris

Portal Home > Knowledgebase > Articles Database > Nginx or Varnish against Slowloris

Posted by NameSniper, 09-17-2011, 10:27 PM
Hello, I am considering to install Nginx or Varnish in front of Apache to confront some Slowloris kind of attack and was wondering whether if passing PHP requests to Apache, will also mean that any request, including Slowloris kind of, will be passed to Apache or whether it will be ignored by Nginx/Varnish?
Posted by Scott.Mc, 09-17-2011, 10:57 PM
You could use them to combat slowloris as they are not actually making requests to the PHP file itself, it works by only making partial requests and delaying the time sent for the headers. So using a daemon that is not vulnerable to this as the first point (such as nginx) would indeed mitigate it and you can comfortably proxy PHP to apache afterwords.
Posted by NameSniper, 09-17-2011, 11:06 PM
Can you please let me know how does Nginx/Varnish implementation will affect the load/ping? There will be two servers running now and the requst will go to Nginx then to Apache and then back to Nginx so it can serve content to the user. It should add some load+overhead.
Posted by Scott.Mc, 09-17-2011, 11:08 PM
It really depends on your application, in most implementations the difference will be negligible and un-noticeable. With the buffering you will most likely even receive a performance boost , you could even use it to proxy static content and receive a much larger performance boost rather than impact.
Posted by NameSniper, 09-19-2011, 11:05 AM
Thanks Scott.

Add to Favourites Print this Article