I ask because these types of attacks are becoming extremely common and
hacktivist groups are using these simple tools to bring down all kinds
of large sites.
Reading that article it says:
“So nginx is a good web server, use it! [image: ;)]”
Their conclusion was that nginx handles that type of attack very well
and
you would need a DDoS attack (and a large one at that) to bring down a
single nginx server. Are there other examples of attacks that you have
found that nginx is susceptible to? I have not heard of any
specific vulnerabilities of nginx that are not common to any other
webserver
like simple bandwidth flooding.
Right, nginx does seem to handle SlowLoris attack better than most web
servers. However, there’s Apache 2 patch that mitigates SlowLoris really
well (you can find it with a quick search). I don’t know if nginx is on
the
same level as Apache2+patch.
However, I have no idea how well nginx can sustain under a
small/moderate
RUDY attack. RUDY is one of the newer attacks that’s gained a lot of
popularity in recent months.