How many args in $args?

Is there some means of determining how many query parameters are being
passed, by looking $args, say? There’s a kind of DOS attack which can
bring down Java based webapps which do binding of request parameters to
properties, and it seems to me that nginx used as a remote proxy server
could probably prevent this simply by rejecting requests which had more
than x query parameters.

Hello!

On Wed, Mar 07, 2012 at 10:09:38AM +0000, John M. wrote:

Is there some means of determining how many query parameters are being
passed, by looking $args, say? There’s a kind of DOS attack which can
bring down Java based webapps which do binding of request parameters to
properties, and it seems to me that nginx used as a remote proxy server
could probably prevent this simply by rejecting requests which had more
than x query parameters.

Something like

if ($args ~ "(?:[&;][^&;]*){50,}") {
    return 403;
}

should do the trick.

Maxim D.

On Wednesday 07 March 2012 14:09:38 John M. wrote:

Is there some means of determining how many query parameters are being
passed, by looking $args, say? There’s a kind of DOS attack which can
bring down Java based webapps which do binding of request parameters to
properties, and it seems to me that nginx used as a remote proxy server
could probably prevent this simply by rejecting requests which had more
than x query parameters.

You can simple utilize regexp functionality for such task, i.e.:

if ($args ~ “^(?:[^&]+&){16}”) {
return 403;
}

http://nginx.org/en/docs/http/ngx_http_rewrite_module.html#if

wbr, Valentin V. Bartenev

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs