At present, the network environment is facing many challenges. Rudy attacks are one of them. Such attacks will threaten the program services of the website, which is mainly manifested in reducing website server performance, data leakage, service interruption, response delay, etc. In order to better respond to such attacks, webmasters are actively studying such attacks. What are the Rudy attack and what are the preventive methods?

　　Rudy definition

　　Rudy (RU-Dead-yet) attack is a slow HTTP Post attack for web applications. The attacker uses a large amount of low -speed HTTP post request to occupy server resources, making the target website unavailable. The Rudy attack intention cannot respond to the request of legal users normally when the computing resources and network bandwidth of the server consumes the server.

　　Effective measures to prevent Rudy attack?

　　Use web application firewall (WAF): WAF can detect and prevent malicious HTTP requests, including Rudy attacks. It can identify potential attack traffic based on rules or behavior analysis and prevent malicious requests.

　　Limit connection

　　The closing connection of the same IP address can be limited, thereby reducing the resource consumption of a single IP address.

　　Http restriction request

　　For HTTP requests that restrict malicious or abnormalities, such as limiting the size or frequency of post request.

　　Flow monitoring and analysis

　　Use network monitoring tools to monitor the traffic mode, and early detection of abnormal flow increases.

　　Endless load flow

　　Use load balancing to disperse, distribute the request to multiple servers, thereby reducing the load of a single server.

　　Request verification

　　Implement the request verification mechanism to ensure that the request sent by the client is legal and contains the necessary parameters.

　　Strengthen server resource management

　　Set resource management strategies on the server to ensure that each connection or request cannot take up too much computing resources.

　　Automatic protection system

　　The use of automated DDOS protection system can detect and automatically process malware, including slow attacks.

　　Update and patch

　　Keep the application and server patch update to reduce the known vulnerabilities and attack surfaces.

　　Monitoring and response plan

　　Implement real -time monitoring and timely discover abnormal flow and attack. At the same time, the response plan is established, and timely measures can be taken quickly when attacking.

　　blacklist

　　Add the known attacker IP address to the blacklist to prevent them from accessing the website.

　　Restricted session

　　Use session management to limit the number of connections and duration of each session, the connection time of a session.

　　In general, the impact of Rudy attack on website applications and business cannot be ignored, so it is necessary to take necessary measures to establish an emergency response plan to protect the network and data security. The above defense measures are common methods. Of course, there are more defense methods. It can be combined according to actual needs. Successful defense possibilities can be more likely to prevent RUDY attacks and other slow attacks on Web applications.