HTTP/2 Zero-Day Vulnerability Results in Record-Breaking DDoS Attacks
L: https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
Cc nostr:npub1yxprsscnjw2e6myxz73mmzvnqw5kvzd5ffjya9ecjypc5l0gvgksh8qud4 nostr:npub1qqqqqqyz0la2jjl752yv8h7wgs3v098mh9nztd4nr6gynaef6uqqt0n47m
Curious to any nostr relay dev opinion. What do you think about this attack? Especially if it happened to Nostr relay.
Cc nostr:npub18kzz4lkdtc5n729kvfunxuz287uvu9f64ywhjz43ra482t2y5sks0mx5sz nostr:npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkj
Dealing with DDoS attacks is just apart of running Internet services in general. Whether relying primarily on third party infrastructure (like cloudflare) or your own, mitigating these attacks without (extended) downtime is important.
True, what is your practical tips to handle this (for now)? Especially since common affected software like Nginx and Caddy haven't fully solve this issue (yet) if i'm not mistaken.
I've heard that Nginx is currently preparing to issue a new patch that will be released to handle this CVE https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
