HTTP methods required for most web apps like XenForo and WP to work fully?

RoldanLT · Jul 6, 2015

So I got hit by large L7 ddos attacks, web applications type of attack.
I have implemented most security measures including limiting "request_method" allowed outside.

I have this configured:

map $request_method $not_allowed_method {
default 1;
GET 0;
HEAD 0;
POST 0;
}
Click to expand...

So I will deny any request except those 3 declared.
Is that sufficient and enough for XenForo and WP to work fine?
Thanks!

eva2000 · Jul 6, 2015

what you trying to do ? got full example ?

RoldanLT · Jul 6, 2015

So on Nginx.conf below
http {
I got this:

map $request_method $not_allowed_method {
default 1;
GET 0;
HEAD 0;
POST 0;
}
Click to expand...

On Domain.conf
Above root /home/nginx/domains/domain.com/public;

### Deny Bad Access
if ($not_allowed_method) { return 405; }
Click to expand...

eva2000 · Jul 6, 2015

maybe 444 code List of HTTP status codes - Wikipedia, the free encyclopedia ?

444 No Response (Nginx)
Used in Nginx logs to indicate that the server has returned no information to the client and closed the connection (useful as a deterrent for malware).
Click to expand...

as to whether it works fine, try it and see

quicksalad · Jul 7, 2015

eva2000 said: ↑

maybe 444 code List of HTTP status codes - Wikipedia, the free encyclopedia ?

as to whether it works fine, try it and see
Click to expand...

Trying to add 444 no response but I couldn't check if I did it right. Any helpful link or guide?

This is done on nginx.conf right?

Thanks

RoldanLT · Jul 7, 2015

quicksalad said: ↑

Trying to add 444 no response but I couldn't check if I did it right. Any helpful link or guide?

This is done on nginx.conf right?

Thanks
Click to expand...

Post #3 HTTP methods required for most web apps like XenForo and WP to work fully? | Centmin Mod Community
Is all you have to do.

Log in / Register

Forums

Learn about Centmin Mod LEMP Stack today

HTTP methods required for most web apps like XenForo and WP to work fully?

RoldanLT Well-Known Member

eva2000 Administrator Staff Member

RoldanLT Well-Known Member

eva2000 Administrator Staff Member

quicksalad Member

RoldanLT Well-Known Member

.

Log in / Register

Useful Searches

Learn about Centmin Mod LEMP Stack today

HTTP methods required for most web apps like XenForo and WP to work fully?

RoldanLT Well-Known Member

eva2000 Administrator Staff Member

RoldanLT Well-Known Member

eva2000 Administrator Staff Member

quicksalad Member

RoldanLT Well-Known Member

.