Runbook
Mitigating DDoS Attacks with NGINX
Back to Runbooks
Overview
This incident type is related to mitigating Distributed Denial of Service (DDoS) attacks using NGINX, which is a popular web server software. DDoS attacks involve overwhelming a server with a flood of traffic from multiple sources, resulting in a denial of service for legitimate users. To prevent such attacks, various techniques can be used such as limiting the rate of requests, number of connections, blocking requests, and using caching to smooth traffic spikes. NGINX can be configured to implement these techniques and provide protection against DDoS attacks.
Parameters
Debug
Check if NGINX is running
Check the current configuration of NGINX
Check the access and error logs of NGINX
Check the network traffic to the server using the tcpdump command
Check the number of active connections to the server
Check the number of connections per IP address
Check the NGINX cache status
Check the NGINX configuration for rate limiting
Check the NGINX configuration for connection limiting
Repair
Learn more
Related Runbooks
Check out these related runbooks to help you debug and resolve similar issues.