How does Web Security Manager mitigate DoS attacks? | Web Security Manager FAQ

A denial of service (DoS) attack is an attack intended to make a resource unavailable to users. Historically intended to bring down services, resources, and websites, DoS attacks could become an increasingly pervasive part of our lives as technology advances.

DoS attacks today primarily target websites. The Alert Logic® web application firewall (WAF), Web Security Manager, has several features that help protect against DoS attacks. These features include:

  • Web Security Manager is fully managed, meaning our WAF security experts provide monitoring and tuning of your WAF 24x7x365.
  • When not behind a load balancer, network level protection limits request rates and concurrency by outright blocking IPs that exceed certain limits.
  • At the application level, Web Security Manager can slow requests and protect against brute force attempts and other rate-based attacks through HTTP request throttling and connection limiting. These techniques also help ensure that resources are optimized in peak situations.
  • Web Security Manager allows you to blacklist countries that do not send valid traffic to your application. This eliminates any possible DoS attacks from those countries.
  • For DoS attacks that exhaust server resources by making requests extremely slow (thereby hogging server resources that are waiting for client input), Web Security Manager combats these attacks by:
    • Enforcing timeout limits for both client request header and client request body. If the request header or the request body is not received with a set timeout, the connection is closed. Attacks like Slowloris and Slow HTTP POST that are notorious about sending requests slowly can be dealt with via this type of timeout configuration.
    • Buffering all client requests before sending them to the back-end server. For example, Web Security Manager can ensure that slow GETs or POSTs are received in their entirety before handing off to the back-end server.
  • Finally, as a high-performance HTTP server, Web Security Manager can handle extremely large numbers of concurrent requests, even slow ones. A single request consumes a very small amount of resources since it does not need to spawn new processes or threads for each request.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Please sign in to leave a comment.