Re: SSL handshake attack mitigation

2019-11-07 Thread Sergey Kandaurov
> On 6 Nov 2019, at 22:41, mogwai wrote:
>
> My first question is regarding the particular error log messages produced
> during the attack - see example below:
>
> [info] 8050#8050: *146 SSL_do_handshake() failed (SSL: error:14094416:SSL
> routines:ssl3_read_bytes:sslv3 alert certificate unkno

Re: SSL handshake attack mitigation

2019-11-06 Thread Sergey A. Osokin
Hi,

On Wed, Nov 06, 2019 at 02:41:15PM -0500, mogwai wrote:
> Greetings!
>
> I run a bunch of sites on nginx-plus-r19 (OpenSSL 1.0.2k-fips) and was
> recently hit by a nasty DDoS SSL handshake attack.

There are several techniques available to mitigate DDoS attacks with NGINX and NGINX Plus, pl

Re: SSL handshake attack mitigation

2019-11-06 Thread lists
ginx.org Sent: November 6, 2019 11:41 AM To: nginx@nginx.org Reply-to: nginx@nginx.org Subject: SSL handshake attack mitigation Greetings! I run a bunch of sites on nginx-plus-r19 (OpenSSL 1.0.2k-fips) and was recently hit by a nasty DDoS SSL handshake attack. I noticed nginx worker proc

SSL handshake attack mitigation

2019-11-06 Thread mogwai
Greetings! I run a bunch of sites on nginx-plus-r19 (OpenSSL 1.0.2k-fips) and was recently hit by a nasty DDoS SSL handshake attack. I noticed nginx worker processes suddenly eating all available CPU and the "Handshakes failed" counter in the nginx plus dashboard suddenly climbing out of proporti