Join the community today
Become a Member

Automatic Test-Cookie

Discussion in 'Other Web Apps usage' started by Dewey, Nov 10, 2019.

  1. Dewey

    Dewey New Member

    3
    0
    1
    Nov 10, 2019
    Ratings:
    +0
    Local Time:
    1:15 AM
    Lastest
    Hello, I would like to know if there is any way to enable testcookie through the number of website connections.
    I mean, if a website reached x connections then "testcookie on;"
    I made it with bash script, but doing verification to access.log actually causes a lot of CPU Usage (because of the numbers of the websites hosted).
    So there is any way to do it via nginx? Or some other way that causes less cpu usage?

     
  2. eva2000

    eva2000 Administrator Staff Member

    55,225
    12,253
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,831
    Local Time:
    10:15 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    You'd have to elaborate on what the testcookie aims to do ? Or do you mean Centmin Mod 123.09beta01's Nginx Test Cookie nginx module Beta Branch - add testcookie-nginx-module optional support in 123.09beta01 located at kyprizel/testcookie-nginx-module ? Unfortunately that Nginx module is no longer supported by the author so hasn't been updated in years so whether it works, you'd have to figure out. It does seem to compile on Centmin Mod 123.09beta01 with Nginx 1.17.5 at least.
     
    Last edited: Nov 10, 2019
  3. Dewey

    Dewey New Member

    3
    0
    1
    Nov 10, 2019
    Ratings:
    +0
    Local Time:
    1:15 AM
    Lastest
    Well, both goes into the same way,
    "testcookie on" and "testcookie off"
    What Im asking isn't really about the testcookie module
    I'm asking if there is a way to enable the testcookie (being used as Anti-DDoS Proxy) in case of a DDoS Attacks, I mean if a website has x connections per second then enable testcookie (testcookie on)
     
  4. eva2000

    eva2000 Administrator Staff Member

    55,225
    12,253
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,831
    Local Time:
    10:15 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    that's basically what this guide does Install - Upgrade - Nginx - CentOS 7.x - Anti-DDoS Mitigate: Automatic deploy/config Testcookie module for Centminmod (vCentminmod-DDoS) so yes it's possible but for support/setup you'd need to ask the author of that write up linked.

    Or you can do something similar if you use Cloudflare and it's rate limit/firewall rules to challenge visitors. Doing it at Cloudflare level will save you in terms of cpu and server resource usage to handle alot of traffic.

    cf-firewall-rules-02.png
     
  5. eva2000

    eva2000 Administrator Staff Member

    55,225
    12,253
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,831
    Local Time:
    10:15 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    oh actually had that link mixed up with what i was thinking about using nginx lua scripting for rate limiting How to limit requests, and ban those hitting the limit not test cookie

    for what you're after Cloudflare rate limiting seems easier though it's a billed feature Billing for Cloudflare Rate Limiting