ngx_lua_anticc is a CC(ChallengeCollapsar) attack mitigation tool for Nginx. CC attack (i.e. HTTP request flood) is kind of layer 7 DDoS attack. ngx_lua_anticc is an extension of Nginx based on ngx_lua. With it, you can easily add CC attack protection for your web server.
git clone https://github.com/apapacy/ngx_lua_anticc.git
Install nginx-extras or openresty with Lua module
https://github.com/jprjr/lua-resty-exec https://github.com/skarnet/skalibs https://github.com/jprjr/sockexec Success compile with version 2.6.4
- Edit your
nginx.conf
, addinclude ngx_lua_anticc/nla.conf;
into the http section.
-
Copy from *.dist and edit the config file
ngx_lua_anticc/nla.conf
. -
Copy from *.dist and edit the config file
ngx_lua_anticc/wl.lua
.
whitelist:add("127.0.0.1", true)
After you restart nginx, the Anti-CC protection is automatically enabled. Enjoy your web service without CC attacks!