| 1 | | To protect from DoS attacks, consider configuring nginx appropriately. In particular, Slowloris-type attacks can be effectively mitigated by: |
| 2 | | Configuring nginx to be able to handle more connections, specifically with more worker_connections and larger number of worker_processes. Note that this might also require OS tuning. |
| 3 | | Configuring smaller client-related timeouts, notably client_header_timeout, client_body_timeout, send_timeout. |
| 4 | | Additionally, you might also consider: |
| 5 | | Limiting request rates with limit_req. |
| 6 | | Limiting number of connections with active requests with limit_conn. |
| 7 | | Using reset_timedout_connection to ensure faster closing of connections with misbehaving clients. |
| 8 | | Configuration limits on the number of open connections externally to nginx (e.g., on your firewall). |
| 9 | | Hope this helps. |
| 10 | | |
| 11 | | >> |
