DDOS protection tips: how to deal with slow connection DDOS attacks

Before choosing DDOS protection measures, we need to understand the types of DDOS attack, so that we can prescribe the right remedy and choose a suitable DDOS protection plan.
Among distributed denial of service attacks (DDOS attacks) there is a special type characterized by slowness: the slow connection attack. Dealing with this kind of attack requires special DDOS protection methods. Slow connection attacks are mainly divided into three types: Slow headers attacks, Slow body attacks, and Slow read attacks.
Slow headers attack: The attacker initiates an HTTP request to the server and keeps sending HTTP headers; because the server needs to receive all HTTP headers before processing the request, this consumes the server's connection and memory resources.
Slow body attack: The attacker sends an HTTP POST request indicating that a large amount of data is to be sent. The server keeps the connection open, ready to receive the data, but the attacking client sends only a small amount of data each time, which consumes the server's connection and memory resources.
Slow read attack: The attacker establishes a connection, sends a complete request to the server, and then holds the connection open, reading the response at a very low speed or making the server mistakenly think that the client is busy, in order to consume the server's connection and memory resources.
As an analogy, think of the attacked server as a restaurant. The usual steps for dining are: order, pay, and eat. The attacker is like someone who dislikes this restaurant and hires many seemingly normal guests to eat there, and as a result many abnormal situations occur. Slow headers attacks are like customers who hesitate over the menu, keep talking, and never say what they want to order. Slow body attacks are like customers who, at checkout, pay with coins taken from their pockets one by one. Slow read attacks are like customers who keep occupying their seats after they have finished eating and do not leave, so that new customers cannot come in for dinner.
What these three types of customers have in common is one word: slow. They do everything possible to slow down their actions. Within a seemingly normal ordering process they delay as long as they can, occupying resources without releasing them for a long time, so that normal customers have to wait in line behind them, or cannot even get into the crowded restaurant and can only look on and sigh. If the restaurant wants to operate normally, it has to keep these disruptive customers out, clear out the customers who order and pay slowly, and limit the meal time. This is also the principle behind DDOS protection measures against slow connection attacks.
The same is true for server management. In addition to DDOS protection, timely management and maintenance are also required, such as upgrading the system, configuring the firewall, shutting down services and ports that have long been unused, and monitoring system logs. Of course, you can also choose a professional DDOS protection service to protect the server.
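The "limit the meal time" principle above can be expressed as a periodic sweep over open connections that flags each of the three slow connection types. The following is an added example, not code from the original article; the `Conn` record, the thresholds, and the sample connections are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Thresholds are assumptions chosen for illustration, not values from the article.
HEADER_DEADLINE_S = 10.0   # all request headers must arrive within this time
MIN_RATE_BPS = 500.0       # minimum average rate for body upload / response download
GRACE_S = 5.0              # do not judge a transfer's rate before this many seconds

@dataclass
class Conn:
    peer: str
    age_s: float                      # seconds since the connection was accepted
    headers_done_at: Optional[float]  # when the header block completed, None if not yet
    content_length: int = 0           # body size declared by the client
    body_received: int = 0
    request_done_at: Optional[float] = None  # when the full request had arrived
    response_size: int = 0
    response_sent: int = 0            # response bytes the client has accepted so far

def too_slow(done: int, started_at: float, now: float) -> bool:
    """True if the average rate since started_at is below the minimum."""
    elapsed = now - started_at
    return elapsed > GRACE_S and done / elapsed < MIN_RATE_BPS

def classify(c: Conn) -> str:
    if c.headers_done_at is None:               # still sending headers
        return "slow-headers" if c.age_s > HEADER_DEADLINE_S else "ok"
    if c.body_received < c.content_length:      # still uploading the body
        return "slow-body" if too_slow(c.body_received, c.headers_done_at, c.age_s) else "ok"
    if c.request_done_at is not None and c.response_sent < c.response_size:
        # request complete, client is still reading the response
        return "slow-read" if too_slow(c.response_sent, c.request_done_at, c.age_s) else "ok"
    return "ok"

def sweep(conns):
    """Return {peer: verdict} for connections the server should close."""
    return {c.peer: v for c in conns if (v := classify(c)) != "ok"}

# Constructed sample snapshot of open connections (documentation address ranges).
SAMPLE = [
    Conn("192.0.2.10", age_s=45.0, headers_done_at=None),
    Conn("192.0.2.11", age_s=40.0, headers_done_at=0.2, content_length=1_000_000, body_received=390),
    Conn("192.0.2.12", age_s=60.0, headers_done_at=0.1, request_done_at=0.1,
         response_size=200_000, response_sent=1_200),
    Conn("198.51.100.5", age_s=3.0, headers_done_at=None),   # new, still within deadline
    Conn("198.51.100.6", age_s=8.0, headers_done_at=0.1, content_length=5_000_000,
         body_received=4_000_000),                           # large but fast upload
]

if __name__ == "__main__":
    for peer, verdict in sweep(SAMPLE).items():
        print(peer, verdict)
```

The grace period keeps a legitimate client on a briefly stalled link from being dropped; the rate and deadline values need tuning against the slowest real clients the server is expected to serve.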
This article is reproduced from: http://www.heikesz.com/ddos1/1826.html

Origin blog.csdn.net/weixin_51110871/article/details/111632161