You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We store negative cache entries in the cache, so a DoS attack is possible when a user just generates any URI and efficiently exhaust Web-cache memory by sending the requests to Tempesta. So Frang should provide a rate limit for number of negative cache entries per time unit.
While random URLs, producing tons of negative responses and cache entries, is a popular attack, we also should be able to limit per-client rate of cache bypassing requests. The limit is good to have, but it could be harmful, so #488 solves the problem in more gentle way by QoS.
We store negative cache entries in the cache, so a DoS attack is possible when a user just generates any URI and efficiently exhaust Web-cache memory by sending the requests to Tempesta. So Frang should provide a rate limit for number of negative cache entries per time unit.
tfw_cache_mgr
(#515) must clear the entries out.While random URLs, producing tons of negative responses and cache entries, is a popular attack, we also should be able to limit per-client rate of cache bypassing requests. The limit is good to have, but it could be harmful, so #488 solves the problem in more gentle way by QoS.
Please update the Wiki page.
The text was updated successfully, but these errors were encountered: