How to prevent DOS attacks on my http server which is written in node.js?

0x90 · Dec 22, 2011 · Viewed 10.3k times

I'm using node.js and the net module to build a TCP server which can handle HTTP requests.

I would like to prevent DOS attacks, so what I have done is something like this:

if (status.numOfCurrentRequests + 1 >= MAX_NUM_OF_CONNECTIONS) {
    socket.end();
    return; 
}

I was wondering if it is better to use:

socket.destroy();

From the API:

socket.destroy() # Ensures that no more I/O activity happens on this socket. Only necessary in case of errors (parse error or so).

What are the differences and benefits?

Answer

Ryan Doherty · Dec 22, 2011

A DOS attack really shouldn't be handled by your HTTP server. Once a request has reached it, the attacker has 'won' by taking up a connection (no matter how short). Even if they are short, they can just slam it with thousands/sec and prevent anyone else from connecting. Also, they might not attempt to 'connect' via TCP and just flood the server with all sorts of requests.

Block/detect DOS attacks at a lower level or via a firewall; I'm sure many software and hardware versions support some basic types of DOS detection and prevention.
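
The connection cap from the question, generalized with a per-address cap and an idle timeout, as an added example that is not part of the original question or answer; `createLimiter`, `createGuardedServer` and all limit values are hypothetical. It only bounds what a single Node process holds open and does not replace the network-level filtering the answer recommends.

```javascript
// Added example, not from the original post. All limits are assumed values.
const net = require("node:net");

function createLimiter({ max = 100, maxPerIp = 10, idleMs = 5000 } = {}) {
  const perIp = new Map(); // remote address -> open connection count
  let total = 0;

  // Returns true if the socket was admitted, false if it was dropped.
  return function admit(socket) {
    const ip = socket.remoteAddress || "unknown";
    const count = perIp.get(ip) || 0;
    if (total >= max || count >= maxPerIp) {
      // destroy() tears the connection down without waiting for the peer.
      // end() only half-closes (sends FIN); the socket then stays open until
      // the peer closes its side, so a peer that never does keeps the slot.
      socket.destroy();
      return false;
    }
    total += 1;
    perIp.set(ip, count + 1);
    // 'close' fires once per socket, whether it ended normally or errored.
    socket.once("close", () => {
      total -= 1;
      const left = perIp.get(ip) - 1;
      if (left > 0) perIp.set(ip, left);
      else perIp.delete(ip);
    });
    // Without an 'error' listener, one reset connection crashes the process.
    socket.on("error", () => {});
    // The idle timeout only emits an event; the socket must be closed by hand.
    socket.setTimeout(idleMs, () => socket.destroy());
    return true;
  };
}

// Hypothetical wrapper: only admitted sockets reach the request handler.
function createGuardedServer(onSocket, limits) {
  const admit = createLimiter(limits);
  return net.createServer((socket) => {
    if (admit(socket)) onSocket(socket);
  });
}

// Usage: createGuardedServer(handleHttp, { max: 200 }).listen(8080);
```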