HTTP methods required for most web apps like XenForo and WP to work fully?

rdan · Jul 6, 2015

So I got hit by large L7 ddos attacks, web applications type of attack.
I have implemented most security measures including limiting "request_method" allowed outside.

I have this configured:

map $request_method $not_allowed_method {
default 1;
GET 0;
HEAD 0;
POST 0;
}
Click to expand...

So I will deny any request except those 3 declared.
Is that sufficient and enough for XenForo and WP to work fine?
Thanks!

eva2000 · Jul 6, 2015

what you trying to do ? got full example ?

rdan · Jul 6, 2015

So on Nginx.conf below
http {
I got this:

map $request_method $not_allowed_method {
default 1;
GET 0;
HEAD 0;
POST 0;
}
Click to expand...

On Domain.conf
Above root /home/nginx/domains/domain.com/public;

### Deny Bad Access
if ($not_allowed_method) { return 405; }
Click to expand...

eva2000 · Jul 6, 2015

maybe 444 code List of HTTP status codes - Wikipedia, the free encyclopedia ?

444 No Response (Nginx)
Used in Nginx logs to indicate that the server has returned no information to the client and closed the connection (useful as a deterrent for malware).
Click to expand...

as to whether it works fine, try it and see

quicksalad · Jul 7, 2015

eva2000 said: ↑

maybe 444 code List of HTTP status codes - Wikipedia, the free encyclopedia ?

as to whether it works fine, try it and see
Click to expand...

Trying to add 444 no response but I couldn't check if I did it right. Any helpful link or guide?

This is done on nginx.conf right?

Thanks

rdan · Jul 7, 2015

quicksalad said: ↑

Trying to add 444 no response but I couldn't check if I did it right. Any helpful link or guide?

This is done on nginx.conf right?

Thanks
Click to expand...

Post #3 HTTP methods required for most web apps like XenForo and WP to work fully? | Centmin Mod Community
Is all you have to do.

Log in / Register

Forums

Learn about Centmin Mod LEMP Stack today

HTTP methods required for most web apps like XenForo and WP to work fully?

rdan Premium Member Premium Member

eva2000 Administrator Staff Member

rdan Premium Member Premium Member

eva2000 Administrator Staff Member

quicksalad Member

rdan Premium Member Premium Member

.

Log in / Register

Useful Searches

Learn about Centmin Mod LEMP Stack today

HTTP methods required for most web apps like XenForo and WP to work fully?

rdan Premium Member Premium Member

eva2000 Administrator Staff Member

rdan Premium Member Premium Member

eva2000 Administrator Staff Member

quicksalad Member

rdan Premium Member Premium Member

.