You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Consider it suspicious if greater than N requests are issued by a given client that result in error statuses within a given time period. Recent attack pattern example: a CMS site with fast "static asset delivery" for real on-disk resources, but slow, database-impacting fallback lookup for resources that do not exist on-disk.
In this scenario, simple mitigation would be to blacklist the paths being requested. However, if the attack pattern (i.e. requested paths) change—trivial as an attacker—the mitigation falls apart.
The text was updated successfully, but these errors were encountered:
Consider it suspicious if greater than N requests are issued by a given client that result in error statuses within a given time period. Recent attack pattern example: a CMS site with fast "static asset delivery" for real on-disk resources, but slow, database-impacting fallback lookup for resources that do not exist on-disk.
In this scenario, simple mitigation would be to blacklist the paths being requested. However, if the attack pattern (i.e. requested paths) change—trivial as an attacker—the mitigation falls apart.
The text was updated successfully, but these errors were encountered: