B4J Question HTTP Flooding Server Request

aaronk

Hi,

I have my B4J app running on a VPS.

In my B4J app I am running an HTTP server.

I noticed in the HTTP log that someone is flooding my server with invalid web requests.


The above log is just some events.

Just wondering, would the DoSFilter help stop people flooding my B4J app with these invalid requests?
https://www.b4x.com/android/forum/threads/dosfilter-request-timeout.70426/#content
 

aaronk

Is there a way of blocking the user if they submit xx invalid requests?

For example, if they submit 10-15 invalid requests in a 10 second period, then block them from accessing the HTTP server for 10 minutes?
 

aaronk

Worth adding the DoSFilter though this is not a denial of service attack.

Would adding something like the following code block the user's request if they submit multiple requests within 5 seconds?
B4X:
srvr.AddDoSFilter("/*", CreateMap("maxRequestMs": 5000))
What happens if I am using a web socket and UDP messages? Will this also trigger this feature, or does it only work for HTTP requests?

Just trying to understand what the above does.


I will need to look into that. Looks interesting. You ever used anything like this before?


Start with blocking the IP address in the server firewall.
I will need to look into that.
My VPS hosting company provides an external firewall and they use the OpenStack Compute API. So I will need to work out how they use the API to add/delete rules. Don't know if I can add firewall rules using the API, and the API is mainly used for adding new VPS nodes to my account.
 

Alexander Stolte

I will need to look into that. Looks interesting. You ever used anything like this before?
I use Fail2Ban on my server successfully; the IPs are banned.

I have made a checklist for setting up a VPS for my own use; one section is security, and this is what I use for Fail2Ban (but only for SSH):
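B4X:
# Install Fail2Ban (Debian/Ubuntu)
apt-get install fail2ban

# Create or edit the local jail overrides
nano /etc/fail2ban/jail.local

# Contents of /etc/fail2ban/jail.local:
[ssh]
enabled = true
port = ssh
filter = sshd
# The sshd filter matches sshd's own log lines (auth.log on Debian/Ubuntu with rsyslog)
logpath = /var/log/auth.log
# findtime and bantime are given in seconds
findtime  = 60000
bantime = 36000000
maxretry = 3

# Restart Fail2Ban so that it loads the new jail
service fail2ban restart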

After 5 minutes I already had a lot of banned IP addresses that had tried to connect to SSH.

Just my 50ct
 
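The rule asked about earlier in the thread (10 invalid requests within 10 seconds, then a 10-minute block) follows the same maxretry / findtime / bantime model as the Fail2Ban jail above. The sketch below is an added example, not code from any poster or from B4J, and it implements that rule as a per-IP sliding window replayed over constructed log lines. The log format, the class and function names, and treating any 4xx status as "invalid" are assumptions.

```python
import re
from collections import defaultdict, deque

# Policy from the question: 10 invalid requests in 10 s -> block for 10 minutes.
MAX_INVALID, FIND_TIME, BAN_TIME = 10, 10.0, 600.0

# Assumed (constructed) log format: "<epoch-seconds> <client-ip> <http-status>"
LINE_RE = re.compile(r"^(\d+(?:\.\d+)?) (\S+) (\d{3})$")

class InvalidRequestBanner:
    def __init__(self, max_invalid=MAX_INVALID, find_time=FIND_TIME, ban_time=BAN_TIME):
        self.max_invalid, self.find_time, self.ban_time = max_invalid, find_time, ban_time
        self.recent = defaultdict(deque)  # ip -> timestamps of recent invalid requests
        self.banned_until = {}            # ip -> time at which the ban expires

    def observe(self, ip, status, now):
        """Classify one request as 'ok', 'banned' (it tripped the limit) or 'blocked'."""
        until = self.banned_until.get(ip)
        if until is not None:
            if now < until:
                return "blocked"
            del self.banned_until[ip]     # ban expired, start with a clean slate
        if not 400 <= status < 500:       # assumption: "invalid" means a 4xx response
            return "ok"
        window = self.recent[ip]
        window.append(now)
        while now - window[0] > self.find_time:
            window.popleft()              # drop hits older than the sliding window
        if len(window) >= self.max_invalid:
            self.banned_until[ip] = now + self.ban_time
            del self.recent[ip]
            return "banned"
        return "ok"

def replay(lines, banner=None):
    """Feed log lines through the banner; return [(ip, decision), ...]."""
    banner = banner or InvalidRequestBanner()
    decisions = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:                             # unparseable lines are skipped
            decisions.append((m[2], banner.observe(m[2], int(m[3]), float(m[1]))))
    return decisions

# Constructed sample: one client floods with 400s, another behaves normally.
SAMPLE = [f"{1000 + i} 203.0.113.7 400" for i in range(12)] + [
    "1012 198.51.100.9 200", "1500 203.0.113.7 200", "1610 203.0.113.7 200"]

if __name__ == "__main__":
    for ip, decision in replay(SAMPLE):
        print(ip, decision)
```

In a long-running server the `recent` map also needs periodic pruning of idle addresses so that it does not grow without bound.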