NGINX App Protect DoS Release 1.0
Here you can find the release information for NGINX App Protect DoS v1. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
July 6, 2021
Protection against application layer Denial of Service attacks:
- GET and POST flood
- Slowloris, Slowread, Slowpost
- Distributed variations of attacks (see above)
- Challenge Collapsar (CC) attack/random URIs
False-positive management mechanisms:
- HTTP Redirection
- Client-side validation
- TLS fingerprinting
- Traditional HTML-based web applications
- XML-based web services
- REST APIs (JSON)
- Kubernetes Per-pod proxy
- Kubernetes Per-service proxy
- API Gateway
- Traditional edge proxy
App Protect DoS
- NGINX Plus R24
proxy_request_buffering offis not supported.
NGINX App Protect DoS does not protect
http2services. The traffic is bypassed.
TLS fingerprint feature is not used in CentOS 7.4 due to the old OpenSSL version. The required OpenSSL version is 1.1.1 or higher.
Slow POST attack always mitigates with block action while other types of attacks can also be mitigated with redirection or JS challenges.
This documentation applies to the following versions of NGINX App Protect DoS: 1.0.