{"id":386604,"date":"2023-11-20T14:02:38","date_gmt":"2023-11-20T13:02:38","guid":{"rendered":"https:\/\/blog.wedos.cz\/?p=386604"},"modified":"2023-11-23T15:07:27","modified_gmt":"2023-11-23T14:07:27","slug":"waf-report-z-wedos-global-protection-za-rijen-2023","status":"publish","type":"post","link":"https:\/\/blog.wedos.com\/cs\/waf-report-z-wedos-global-protection-za-rijen-2023","title":{"rendered":"WAF report z WEDOS Global Protection za \u0159\u00edjen  2023"},"content":{"rendered":"\n<p>V \u0159\u00edjnu jsme hlavn\u011b ladili cachov\u00e1n\u00ed obsahu. Poda\u0159ilo se n\u00e1m dos\u00e1hnout velk\u00e9ho pokroku zvl\u00e1\u0161t\u011b u WordPress web\u016f. Jak\u00fdkoliv statick\u00fd obsah dok\u00e1\u017eeme vracet za tis\u00edciny vte\u0159iny po obdr\u017een\u00ed requestu od u\u017eivatele a p\u0159itom si kontrolovat, zdali je aktu\u00e1ln\u00ed v jednotk\u00e1ch vte\u0159in a\u017e 60 vte\u0159in (v z\u00e1vislosti na tarifu). Pr\u016fm\u011brn\u00fd web na WEDOS Global Protection se zrychlil o zhruba 48 %. <\/p>\n\n\n\n<!--more-->\n\n\n\n<p>Nov\u00e1 cache byla spu\u0161t\u011bna pro v\u0161echny weby na WEDOS Global Protection za\u010d\u00e1tkem listopadu. N\u00ed\u017ee je graf pr\u016fm\u011brn\u00e9 odpov\u011bdi, m\u011b\u0159eno pomoc\u00ed slu\u017eby <a href=\"https:\/\/www.wedos.online\/cs\/\" target=\"_blank\" rel=\"noopener\">WEDOS OnLine<\/a>. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231103-nasazeni-cache.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" width=\"1024\" height=\"417\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231103-nasazeni-cache-1024x417.png\" alt=\"Spu\u0161t\u011bn\u00ed nov\u00e9ho cachov\u00e1n\u00ed statick\u00e9ho obsahu pro v\u0161echny weby na WEDOS Global Protection. Pr\u016fm\u011brn\u00e9 zrychlen\u00ed zhruba 48 %.\" class=\"wp-image-390281 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231103-nasazeni-cache-1024x417.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231103-nasazeni-cache-300x122.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231103-nasazeni-cache-768x313.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231103-nasazeni-cache.png 1325w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/417;\" \/><\/a><figcaption class=\"wp-element-caption\">Spu\u0161t\u011bn\u00ed nov\u00e9ho cachov\u00e1n\u00ed statick\u00e9ho obsahu pro v\u0161echny weby na WEDOS Global Protection. Pr\u016fm\u011brn\u00e9 zrychlen\u00ed zhruba 48 %.<\/figcaption><\/figure>\n\n\n\n<p>Samoz\u0159ejm\u011b jsem vylep\u0161ovali i ochrany. \u0158ada pravidel pro\u0161la reviz\u00ed, hled\u00e1me nov\u00e9 metody, jak b\u00fdt efektivn\u00ed, jak pom\u00e1hat c\u00edlov\u00e9mu serveru. P\u0159eci jen roste i po\u010det z\u00e1kazn\u00edk\u016f, kte\u0159\u00ed nemaj\u00ed hosting p\u0159\u00edmo u n\u00e1s a tam nar\u00e1\u017e\u00edme na jejich pravidla proti \u00fatok\u016fm. Zji\u0161\u0165ujeme, \u017ee v \u010cR je b\u011b\u017en\u00e9 vyp\u00ednat weby s nadm\u011brn\u00fdm provozem t\u0159eba na hodinu. Tak\u017ee vyb\u00edr\u00e1me vhodn\u00e9 \u0159e\u0161en\u00ed, jak i tomu p\u0159edej\u00edt. WEDOS Global Protection m\u016f\u017ee slou\u017eit jako hl\u00edda\u010d t\u011bchto limit\u016f. <\/p>\n\n\n\n<p>Doslova ka\u017ed\u00fd t\u00fdden nach\u00e1z\u00edme nov\u00e9 vyu\u017eit\u00ed pro infrastrukturu WEDOS Global. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">WEDOS Global<\/h2>\n\n\n\n<p>WEDOS Global p\u0159edstavuje nejen rozs\u00e1hlou, ale p\u0159edev\u0161\u00edm \u0161pi\u010dkovou infrastrukturu, kter\u00e1 stoj\u00ed na p\u0159edn\u00ed linii technologick\u00e9ho pokroku. S na\u0161\u00ed glob\u00e1ln\u00ed p\u0159\u00edtomnost\u00ed rozprost\u00edraj\u00edc\u00ed se p\u0159es tis\u00edce fyzick\u00fdch server\u016f v des\u00edtk\u00e1ch strategicky um\u00edst\u011bn\u00fdch lokalit jsme pr\u00e1vem hrd\u00ed na na\u0161i schopnost poskytovat rychl\u00e9, efektivn\u00ed a nekompromisn\u011b spolehliv\u00e9 slu\u017eby po cel\u00e9m sv\u011bt\u011b. A to jsme teprve na za\u010d\u00e1tku. Do konce roku p\u0159ibudou dal\u0161\u00ed lokality a v roce 2023 se p\u0159ehoupneme p\u0159es stovku.<\/p>\n\n\n\n<p>Celkov\u00e1 konektivita WEDOS Global aktu\u00e1ln\u011b p\u0159esahuje 3 000 gigabit\u016f za sekundu, co\u017e je z\u00e1rukou nejen rychl\u00e9ho, ale i bezpe\u010dn\u00e9ho a bezprobl\u00e9mov\u00e9ho p\u0159enosu dat. Na\u0161e odhodl\u00e1n\u00ed dod\u00e1vat nejlep\u0161\u00ed mo\u017enou slu\u017ebu je patrn\u00e9 z pe\u010dliv\u00e9ho v\u00fdb\u011bru lokalit, kter\u00e9 jsou nejen geograficky v\u00fdznamn\u00e9, ale tak\u00e9 disponuj\u00ed \u0161pi\u010dkov\u00fdm technick\u00fdm z\u00e1zem\u00edm.<\/p>\n\n\n\n<p>Z\u00e1kladem je BGP Anycast. Tato technologie n\u00e1m umo\u017e\u0148uje poskytovat rychlej\u0161\u00ed a spolehliv\u011bj\u0161\u00ed DNS slu\u017eby, co\u017e p\u0159\u00edmo p\u0159isp\u00edv\u00e1 ke zkr\u00e1cen\u00ed doby na\u010d\u00edt\u00e1n\u00ed webov\u00fdch str\u00e1nek a ke zlep\u0161en\u00ed u\u017eivatelsk\u00e9ho z\u00e1\u017eitku. D\u00e1le eliminuje nejv\u011bt\u0161\u00ed s\u00edlu DDoS \u00fatok\u016f, proto\u017ee ty se rozm\u011bln\u00ed mezi jednotliv\u00e9 lokality, kde si s nimi porad\u00ed v\u00fdpo\u010detn\u00ed v\u00fdkon tis\u00edc\u016f server\u016f.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Nov\u00e9 propoje (peering)<\/h3>\n\n\n\n<p>Aktivn\u011b se v\u011bnujeme roz\u0161i\u0159ov\u00e1n\u00ed s\u00edt\u011b lokalit WEDOS Global (m\u00e1me rozjedn\u00e1no n\u011bkolik lokalit). Nen\u00ed v\u0161ak jednoduch\u00e9 nal\u00e9zt dal\u0161\u00ed vhodn\u00e1 m\u00edsta, kter\u00e1 by n\u00e1m umo\u017enila um\u00edstit alespo\u0148 45 fyzick\u00fdch server\u016f (tolik pot\u0159ebujeme kv\u016fli v\u00fdpo\u010detn\u00edmu v\u00fdkonu) a z\u00e1rove\u0148 nab\u00edzela konektivitu minim\u00e1ln\u011b 100 Gbps (pro rychl\u00fd a stabiln\u00ed p\u0159enos dat i v p\u0159\u00edpad\u011b velk\u00fdch \u00fatok\u016f). P\u0159i v\u00fdb\u011bru lokalit pro na\u0161e servery se omezujeme pouze na datacentra renomovan\u00fdch a ov\u011b\u0159en\u00fdch spole\u010dnost\u00ed, se kter\u00fdmi u\u017e spolupracujeme. <\/p>\n\n\n\n<p>V sou\u010dasn\u00e9 dob\u011b se zam\u011b\u0159ujeme na Ji\u017en\u00ed Ameriku, kde n\u00e1m st\u00e1le chyb\u00ed lokalita. Zde se setk\u00e1v\u00e1me p\u0159edev\u0161\u00edm s p\u0159ek\u00e1\u017ekami v podob\u011b m\u00edstn\u00ed legislativy.<\/p>\n\n\n\n<p>V dlouhodob\u00e9m horizontu uva\u017eujeme o z\u0159\u00edzen\u00ed specializovan\u00fdch bod\u016f, kter\u00e9 by byly vybaveny hardwarov\u00fdmi komponentami ur\u010den\u00fdmi pro konkr\u00e9tn\u00ed \u00fa\u010dely (nap\u0159\u00edklad optimalizace pro specifick\u00e9 typy datov\u00fdch tok\u016f, zabezpe\u010den\u00ed, CDN atd.). P\u0159\u00edpadn\u011b zva\u017eujeme po\u0159\u00eddit nov\u00e9 extr\u00e9mn\u011b v\u00fdkonn\u00e9 servery, kter\u00e9 by samy zvl\u00e1dly celou lokalitu (p\u0159\u00edpadn\u011b v p\u00e1ru). Tyto servery by n\u00e1m umo\u017enily efektivn\u011bji a rychleji pokr\u00fdvat probl\u00e9mov\u00e9 oblasti. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Nov\u00fd propoj do FICIX (Finsko)<\/h4>\n\n\n\n<p>V \u00fater\u00fd 10. \u0159\u00edjna 2023 p\u0159esn\u011b v 7:45 jsme WEDOS Global p\u0159ipojili k finsk\u00e9mu internetov\u00e9mu uzlu FICIX, co\u017e je v\u00fdznamn\u00e9 pro z\u00e1kazn\u00edky sm\u011b\u0159uj\u00edc\u00ed na severoevropsk\u00fd trh, jeliko\u017e to v\u00fdrazn\u011b zlep\u0161\u00ed odezvu DNS server\u016f a distribuci cachovan\u00e9ho obsahu z reverzn\u00edch proxy. FICIX je hlavn\u00ed internetov\u00fd v\u00fdm\u011bnn\u00fd bod ve Finsku.<\/p>\n\n\n\n<p><a href=\"https:\/\/blog.wedos.cz\/wedos-global-se-pripojil-do-srdce-finskeho-internetu-k-internetovemu-uzlu-ficix\" target=\"_blank\" rel=\"noopener\">https:\/\/blog.wedos.cz\/wedos-global-se-pripojil-do-srdce-finskeho-internetu-k-internetovemu-uzlu-ficix<\/a><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Nov\u00fd propoj do BIX.hu (Ma\u010farsko)<\/h4>\n\n\n\n<p>Dal\u0161\u00ed d\u016fle\u017eitou lokalitou na evropsk\u00e9 internetov\u00e9 map\u011b je Ma\u010farsko. Proto jsme WEDOS Global 9. \u0159\u00edjna 2023 propojili s Budapest Internet Exchange (BIX), co\u017e sn\u00ed\u017eilo odezvu z 30 ms v Ma\u010farsku na impozantn\u00edch 6 ms. Sni\u017eov\u00e1n\u00ed odezvy a zvy\u0161ov\u00e1n\u00ed stability DNS je sou\u010d\u00e1st\u00ed na\u0161eho pl\u00e1nu, jak se dostat mezi TOP 5 nejlep\u0161\u00edch poskytovatel\u016f DNS v Evrop\u011b. V\u011b\u0159\u00edme, \u017ee tohoto c\u00edle dos\u00e1hneme v \u0159\u00e1dech m\u011bs\u00edc\u016f. Pot\u00e9 zve\u0159ejn\u00edme v\u00fdsledky nez\u00e1visl\u00fdch m\u011b\u0159en\u00ed.<\/p>\n\n\n\n<p><a href=\"https:\/\/blog.wedos.cz\/wedos-global-se-propojil-do-bix-bude-tak-rychlejsi-pro-uzivatele-z-madarska\" target=\"_blank\" rel=\"noopener\">https:\/\/blog.wedos.cz\/wedos-global-se-propojil-do-bix-bude-tak-rychlejsi-pro-uzivatele-z-madarska<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"block-cf8be3ad-2224-472b-a4bd-d94ca3c9f21c\">Chcete se o WEDOS Global dozv\u011bd\u011bt v\u00edce?<\/h3>\n\n\n\n<p id=\"block-7a0e9de9-994a-4368-83c1-98199a50b21d\">Pokud v\u00e1s zaj\u00edm\u00e1 WEDOS Global a r\u00e1di byste se dozv\u011bd\u011bli v\u00edce o pokro\u010dil\u00fdch technologi\u00edch, kter\u00e9 pou\u017e\u00edv\u00e1me, tak pro hlub\u0161\u00ed a detailn\u00ed pohled do technologick\u00e9 architektury, na n\u00ed\u017e je postavena infrastruktura WEDOS Global, v\u00e1m doporu\u010dujeme poslechnout si na\u0161i p\u0159edn\u00e1\u0161ku z konference Kubernetes Community Days Czech &amp; Slovak 2023. Tuto odbornou prezentaci vedli dva kolegov\u00e9, kte\u0159\u00ed hraj\u00ed kl\u00ed\u010dovou roli ve v\u00fdvoji WEDOS Global.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe title=\"Glob\u00e1ln\u00ed Kubernetes infrastruktura, jej\u00ed v\u00fdvoj a \u00fadr\u017eba-WEDOS Global - Jakub Sassmann a Martin Du\u0161ek\" width=\"525\" height=\"295\" data-src=\"https:\/\/www.youtube.com\/embed\/siA5YFE5N4E?start=25&#038;feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" data-load-mode=\"1\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">WEDOS Global Protection<\/h2>\n\n\n\n<p>WEDOS Global Protection je vrcholn\u00fdm p\u0159\u00edkladem toho, jak inovace a technologick\u00e1 p\u0159evaha mohou posunout kybernetickou bezpe\u010dnost do nov\u00e9 \u00e9ry. Na\u0161e slu\u017eba zalo\u017een\u00e1 na robustn\u00ed a rozs\u00e1hl\u00e9 infrastruktu\u0159e WEDOS Global p\u0159in\u00e1\u0161\u00ed nejen ochranu, ale i v\u00fdkonnost a spolehlivost na \u00farovni, kter\u00e1 p\u0159ekra\u010duje tradi\u010dn\u00ed standardy.<\/p>\n\n\n\n<p>Jako reverzn\u00ed proxy server je WEDOS Global Protection schopen prov\u00e1d\u011bt \u0161irokou \u0161k\u00e1lu \u00fakon\u016f, od filtrov\u00e1n\u00ed p\u0159\u00edchoz\u00edch \u00fatok\u016f, p\u0159es ukl\u00e1d\u00e1n\u00ed statick\u00fdch kopi\u00ed va\u0161ich str\u00e1nek pro rychlej\u0161\u00ed zobrazen\u00ed, a\u017e po maskov\u00e1n\u00ed va\u0161\u00ed skute\u010dn\u00e9 IP adresy. To je v\u0161e podpo\u0159eno nejnov\u011bj\u0161\u00edmi dostupn\u00fdmi technologiemi pro komunikaci s n\u00e1v\u0161t\u011bvn\u00edky (IPv6, HTTP\/3).<\/p>\n\n\n\n<p>WEDOS Global Protection nab\u00edz\u00ed komplexn\u00ed bal\u00ed\u010dek, kter\u00fd zahrnuje ochranu p\u0159ed DDoS \u00fatoky, vysoce efektivn\u00ed webov\u00fd firewall, pokro\u010dil\u00e9 testov\u00e1n\u00ed podez\u0159el\u00e9ho provozu a mnoho dal\u0161\u00edho. To v\u0161e bez nutnosti zm\u011bny poskytovatele va\u0161ich slu\u017eeb \u2013 sta\u010d\u00ed jen nasm\u011brovat va\u0161i dom\u00e9nu na na\u0161e DNS. <\/p>\n\n\n\n<p><a href=\"https:\/\/www.wedos.com\/cs\/protection\/ochrana-wordpress\/\" target=\"_blank\" rel=\"noopener\">Pro u\u017eivatele s WordPress m\u00e1me i vlastn\u00ed plugin<\/a>, kter\u00fd v\u00e1m s cel\u00fdm procesem pom\u016f\u017ee. Nav\u00edc d\u00edky n\u011bmu snadn\u011bji identifikujme, \u017ee pou\u017e\u00edv\u00e1te WordPress a nastav\u00edme lep\u0161\u00ed pravidla jak pro ochranu, tak i pro cachov\u00e1n\u00ed obsahu.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Statistiky WEDOS Global Protection<\/h2>\n\n\n\n<p>V \u0159\u00edjnu narostl po\u010det u\u017eivatel\u016f WEDOS Global Protection na <strong>1 273<\/strong> (+61) a celkov\u00fd po\u010det chr\u00e1n\u011bn\u00fdch dom\u00e9n na <strong>5 797<\/strong> (+776). Mezi nov\u00fdmi u\u017eivateli bylo n\u011bkolik, kte\u0159\u00ed byli \u010dast\u00fdmi c\u00edli \u00fatok\u016f. Jejich weby ne\u0161ly i n\u011bkolik hodin. Nasazen\u00ed WEDOS Global Protection jim okam\u017eit\u011b pomohlo a setkali jsme se s velmi nad\u0161en\u00fdm ohlasem. <\/p>\n\n\n\n<p>Samoz\u0159ejm\u011b to se podepsalo i na po\u010dtu zaznamenan\u00fdch DDoS \u00fatok\u016f. \u00dato\u010dn\u00edci nikam neodejdou, budou se vracet a zkou\u0161et to po\u0159\u00e1d dokola. Hledaj\u00ed nov\u00e9 zp\u016fsoby a formy \u00fatok\u016f, jak v\u00e1m u\u0161kodit. Kdy\u017e zjistili, \u017ee jim to moc nejde, tak se rozhodli zam\u011b\u0159it na na\u0161e weby, co\u017e nebyl moc dobr\u00fd n\u00e1pad. Na\u0161e weby zn\u00e1me a p\u0159izp\u016fsobili jsme je velk\u00e9mu n\u00e1poru i \u00fatok\u016fm. Vlastn\u011b n\u00e1m to vyhovuje, proto\u017ee tak z\u00edsk\u00e1v\u00e1me cenn\u00e9 informace, jak br\u00e1nit na\u0161e z\u00e1kazn\u00edky.<\/p>\n\n\n\n<p>V \u0159\u00edjnu bylo zaznamen\u00e1no <strong>3&nbsp;120&nbsp;511&nbsp;662<\/strong> (-11,29 %) po\u017eadavk\u016f z <strong>8&nbsp;514&nbsp;892<\/strong> (-2,96 %) unik\u00e1tn\u00edch IP adres, kter\u00e9 sm\u011b\u0159ovaly na chr\u00e1n\u011bn\u00e9 dom\u00e9ny. V pr\u016fm\u011bru za den odbavily proxy servery <strong>100&nbsp;661&nbsp;666<\/strong> po\u017eadavk\u016f. Pokles je zp\u016fsoben efektivn\u011bj\u0161\u00edm filtrov\u00e1n\u00edm po\u017eadavk\u016f ne\u017e se dostanou na WAF, kde v\u0161e m\u011b\u0159\u00edme, a zm\u011bnou formy \u00fatok\u016f. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231101-rijen-1.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" width=\"1024\" height=\"433\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-1024x433.png\" alt=\"\" class=\"wp-image-390359 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-1024x433.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-300x127.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-768x325.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-1536x649.png 1536w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1.png 1846w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/433;\" \/><\/a><figcaption class=\"wp-element-caption\">Celkov\u00fd po\u010det request\u016f, kter\u00e9 se dostaly a\u017e k WEDOS Global Protection za \u0159\u00edjen. 1. \u0159\u00edjna je men\u0161\u00ed provoz z d\u016fvodu nekompletn\u00ed datov\u00e9 sady.<\/figcaption><\/figure>\n\n\n\n<p>V \u0159\u00edjnu mezi L7 DDoS \u00fatoky dominoval nov\u00fd HTTP\/2 Rapid Reset. Jakmile byly zve\u0159ejn\u011bny podrobnosti (zhruba 10. \u0159\u00edjna 2023) jak funguje, tak se b\u011bhem p\u00e1r dn\u00ed stal dominantn\u00edm.<\/p>\n\n\n\n<div class=\"wp-block-media-text alignwide is-stacked-on-mobile is-vertically-aligned-center has-white-color has-vivid-cyan-blue-background-color has-text-color has-background\" style=\"grid-template-columns:20% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"385\" height=\"400\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png\" alt=\"\" class=\"wp-image-123898 size-full lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png 385w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1-289x300.png 289w\" data-sizes=\"(max-width: 385px) 100vw, 385px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 385px; --smush-placeholder-aspect-ratio: 385\/400;\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><strong>L7 DDoS \u00fatok HTTP\/2 rapid reset<\/strong><\/p>\n\n\n\n<p>\u00datok &#8222;HTTP\/2 rapid reset&#8220; je specifick\u00fd typ kybernetick\u00e9ho \u00fatoku, kter\u00fd zneu\u017e\u00edv\u00e1 charakteristiky protokolu HTTP\/2. Tento protokol byl navr\u017een pro efektivn\u011bj\u0161\u00ed a rychlej\u0161\u00ed p\u0159enos dat ve srovn\u00e1n\u00ed s jeho p\u0159edch\u016fdcem HTTP\/1.1, d\u00edky pou\u017eit\u00ed technik jako multiplexov\u00e1n\u00ed po\u017eadavk\u016f, komprese hlavi\u010dek a jin\u00fdch vylep\u0161en\u00ed.<\/p>\n\n\n\n<p>Kl\u00ed\u010dov\u00e9 aspekty \u00fatoku &#8222;HTTP\/2 rapid reset&#8220; jsou:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Zneu\u017eit\u00ed Stream\u016f a Multiplexov\u00e1n\u00ed<\/strong>: HTTP\/2 umo\u017e\u0148uje multiplexov\u00e1n\u00ed, co\u017e znamen\u00e1, \u017ee v\u00edce po\u017eadavk\u016f m\u016f\u017ee b\u00fdt pos\u00edl\u00e1no sou\u010dasn\u011b p\u0159es jedno TCP spojen\u00ed. \u00dato\u010dn\u00edk zneu\u017e\u00edv\u00e1 tuto funkci t\u00edm, \u017ee rychle otev\u00edr\u00e1 a zav\u00edr\u00e1 velk\u00e9 mno\u017estv\u00ed stream\u016f.<\/li>\n\n\n\n<li><strong>Z\u00e1t\u011b\u017e na Servery<\/strong>: Toto chov\u00e1n\u00ed m\u016f\u017ee zp\u016fsobit zna\u010dnou z\u00e1t\u011b\u017e na serveru. Server se sna\u017e\u00ed spravovat a udr\u017eovat mnoho otev\u0159en\u00fdch stream\u016f, co\u017e vy\u017eaduje v\u00fdpo\u010detn\u00ed v\u00fdkon a pam\u011b\u0165. Pokud je tento \u00fatok prov\u00e1d\u011bn intenzivn\u011b a po del\u0161\u00ed dobu, m\u016f\u017ee doj\u00edt k vy\u010derp\u00e1n\u00ed syst\u00e9mov\u00fdch zdroj\u016f serveru.<\/li>\n\n\n\n<li><strong>Resetov\u00e1n\u00ed Stream\u016f<\/strong>: \u00dato\u010dn\u00edk po otev\u0159en\u00ed streamu po\u0161le r\u00e1mcov\u00fd sign\u00e1l RESET, kter\u00fd n\u00e1sledn\u011b vynut\u00ed server k uzav\u0159en\u00ed dan\u00e9ho streamu. Opakovan\u00e9 vys\u00edl\u00e1n\u00ed t\u011bchto sign\u00e1l\u016f v rychl\u00e9m sledu m\u016f\u017ee zp\u016fsobit, \u017ee server se stane p\u0159et\u00ed\u017een\u00fdm a nedostupn\u00fdm pro legitimn\u00ed u\u017eivatele.<\/li>\n\n\n\n<li><strong>Obt\u00ed\u017en\u00e1 Detekce<\/strong>: \u00datoky tohoto typu mohou b\u00fdt obt\u00ed\u017en\u011b detekovateln\u00e9, proto\u017ee se na prvn\u00ed pohled mohou jevit jako b\u011b\u017en\u00e1 komunikace podle protokolu HTTP\/2. To vy\u017eaduje pokro\u010dil\u00e9 monitorovac\u00ed a bezpe\u010dnostn\u00ed n\u00e1stroje schopn\u00e9 rozpoznat anom\u00e1ln\u00ed vzorce v r\u00e1mci HTTP\/2 komunikace.<\/li>\n\n\n\n<li><strong>C\u00edl \u00fatoku<\/strong>: Tento \u00fatok je obvykle zam\u011b\u0159en na webov\u00e9 servery a aplikace, kter\u00e9 pou\u017e\u00edvaj\u00ed HTTP\/2, a jeho c\u00edlem je vyvolat DoS (Denial of Service) stav, kdy server nen\u00ed schopen zpracov\u00e1vat dal\u0161\u00ed legitimn\u00ed po\u017eadavky.<\/li>\n<\/ul>\n\n\n\n<p>Vzhledem k tomu, \u017ee HTTP\/2 je \u0161iroce pou\u017e\u00edv\u00e1n v modern\u00edch webov\u00fdch aplikac\u00edch, je d\u016fle\u017eit\u00e9, aby byla infrastruktura vybavena odpov\u00eddaj\u00edc\u00edmi bezpe\u010dnostn\u00edmi mechanismy pro detekci a zm\u00edrn\u011bn\u00ed takov\u00fdchto \u00fatok\u016f.<\/p>\n\n\n\n<p>Anebo m\u016f\u017eete pou\u017e\u00edt WEDOS Global Protection. WEDOS Global Protection funguje jako reverzn\u00ed proxy, co\u017e znamen\u00e1, \u017ee ve\u0161ker\u00fd vstupn\u00ed provoz proch\u00e1z\u00ed p\u0159es infrastrukturu p\u0159ed dosa\u017een\u00edm c\u00edlov\u00e9ho serveru. Tato architektura umo\u017e\u0148uje efektivn\u011bj\u0161\u00ed filtrov\u00e1n\u00ed a anal\u00fdzu provozu, co\u017e je kl\u00ed\u010dov\u00e9 pro odhalen\u00ed a zastaven\u00ed &#8222;HTTP\/2 rapid reset&#8220; \u00fatok\u016f. Z\u00e1kazn\u00edk tak nemus\u00ed \u0159e\u0161it v podstat\u011b nic.<\/p>\n<\/div><\/div>\n\n\n\n<p>Hlavn\u00ed rozd\u00edl u tohoto \u00fatoku je, \u017ee \u00fato\u010dn\u00edk nevs\u00e1z\u00ed  na to, \u017ee v\u00e1m dlouhodob\u011b bude p\u0159et\u011b\u017eovat web, ale \u017ee v\u00e1m jej odstav\u00ed provozovatel. \u00datoky jsou tak kr\u00e1tk\u00e9 s c\u00edlem p\u0159ekro\u010dit limity. Vid\u00edme je hlavn\u011b c\u00edlit na weby vyu\u017e\u00edvaj\u00edc\u00ed r\u016fzn\u00e1 hostovan\u00e1 \u0159e\u0161en\u00ed pro CMS a eCommerce. <\/p>\n\n\n\n<p>A co dal\u0161\u00ed L7 \u00fatoky? Do statistik se prom\u00edtly hlavn\u011b nov\u00e9 \u00fatoky a na nov\u00e9 z\u00e1kazn\u00edky. 259,7% n\u00e1r\u016fst HTTP flood vypad\u00e1 hroziv\u011b, ale jsou to pr\u00e1v\u011b jen prvn\u00ed vte\u0159iny a\u017e des\u00edtky vte\u0159in ne\u017e se sepnou dal\u0161\u00ed ochrany. Pokles Slowloris, Connection Exhaustion atd. kompenzuje v\u00fdrazn\u00fd n\u00e1r\u016fst v z\u00e1\u0159\u00ed. Blokov\u00e1no pravidlem WAF jsou z p\u0159ev\u00e1\u017en\u00e9 \u010d\u00e1sti \u00fatoky na WordPress a z men\u0161\u00ed \u010d\u00e1sti hled\u00e1n\u00ed obecn\u00fdch zranitelnost\u00ed.<\/p>\n\n\n\n<figure class=\"wp-block-table is-style-regular\"><table><tbody><tr><td>L7 DDoS &#8211; zachycen\u00fdch limitov\u00e1n\u00edm p\u0159\u00edstup\u016f (HTTP flood)<\/td><td class=\"has-text-align-right\" data-align=\"right\"><strong>51&nbsp;419&nbsp;767<\/strong><\/td><td class=\"has-text-align-right\" data-align=\"right\">+259,70&nbsp;%<\/td><\/tr><tr><td>L7 DDoS &#8211; zachycen\u00fdch probl\u00e9mov\u00fdch spojen\u00ed (Slowloris, Connection Exhaustion atd.)<\/td><td class=\"has-text-align-right\" data-align=\"right\"><strong>2 952 227<\/strong><\/td><td class=\"has-text-align-right\" data-align=\"right\">-22,72&nbsp;%<\/td><\/tr><tr><td>Blokov\u00e1no pravidlem WAF<\/td><td class=\"has-text-align-right\" data-align=\"right\"><strong>22&nbsp;916&nbsp;633<\/strong><\/td><td class=\"has-text-align-right\" data-align=\"right\">-12,24&nbsp;%<\/td><\/tr><tr><td>Dal\u0161\u00ed blokov\u00e1n\u00ed L7<\/td><td class=\"has-text-align-right\" data-align=\"right\"><strong>4&nbsp;770&nbsp;949<\/strong><\/td><td class=\"has-text-align-right\" data-align=\"right\">-22,36 %<\/td><\/tr><\/tbody><\/table><figcaption class=\"wp-element-caption\">L7 \u00fatoky zastaven\u00e9 WGP, kter\u00e9 pro\u0161ly p\u0159es ostatn\u00ed ochrany.<\/figcaption><\/figure>\n\n\n\n<div class=\"wp-block-media-text alignwide is-stacked-on-mobile is-vertically-aligned-center has-white-color has-vivid-cyan-blue-background-color has-text-color has-background\" style=\"grid-template-columns:20% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"385\" height=\"400\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png\" alt=\"\" class=\"wp-image-123898 size-full lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png 385w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1-289x300.png 289w\" data-sizes=\"(max-width: 385px) 100vw, 385px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 385px; --smush-placeholder-aspect-ratio: 385\/400;\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><strong>Co je L7 DDoS \u00fatok?<\/strong><\/p>\n\n\n\n<p>L7 DDoS \u00fatok je typ kybernetick\u00fdch \u00fatok\u016f na web anebo aplikaci, kter\u00fd pou\u017e\u00edv\u00e1 b\u011b\u017en\u00e9 internetov\u00e9 po\u017eadavky jako GET a POST. C\u00edlem je zpomalit anebo znep\u0159\u00edstupnit webovou str\u00e1nku anebo t\u0159eba API. <\/p>\n\n\n\n<p>\u00datoky na L7 jsou obt\u00ed\u017en\u011b odhaliteln\u00e9 a odli\u0161iteln\u00e9 od norm\u00e1ln\u00edho provozu, proto\u017ee pou\u017e\u00edvaj\u00ed stejn\u00e9 protokoly a metody jako legitimn\u00ed u\u017eivatel\u00e9. K jejich eliminaci je pot\u0159eba pou\u017e\u00edt speci\u00e1ln\u00ed n\u00e1stroje a techniky a d\u016fkladnou anal\u00fdzu s\u00ed\u0165ov\u00e9ho provozu.<\/p>\n<\/div><\/div>\n\n\n\n<p>Tato \u010d\u00edsla jsou jen prvn\u00ed pokusy o \u00fatok. Jakmile se jedn\u00e1 o opakovan\u00e9 pokusy, kter\u00e9 naberou na s\u00edle (t\u0159eba des\u00edtky tis\u00edc probl\u00e9mov\u00fdch p\u0159\u00edstup\u016f za minutu), tak IP adresa jde na blacklist. Je to v\u0161ak slo\u017eit\u011bj\u0161\u00ed, proto\u017ee k r\u016fzn\u00fdm IP se chov\u00e1me odli\u0161n\u011b (t\u0159eba mobiln\u00ed oper\u00e1tor dostane JavaScript redirekt anebo capcha). Stejn\u011b tak k odli\u0161n\u00fdm form\u00e1m \u00fatok\u016f.<\/p>\n\n\n\n<div class=\"wp-block-media-text alignwide is-stacked-on-mobile is-vertically-aligned-center has-white-color has-vivid-cyan-blue-background-color has-text-color has-background\" style=\"grid-template-columns:20% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"385\" height=\"400\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png\" alt=\"\" class=\"wp-image-123898 size-full lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png 385w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1-289x300.png 289w\" data-sizes=\"(max-width: 385px) 100vw, 385px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 385px; --smush-placeholder-aspect-ratio: 385\/400;\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><strong>Co je WAF (Web Application Firewall)?<\/strong><\/p>\n\n\n\n<p>WAF (Web Application Firewall) je ochrana na na\u0161ich reverzn\u00edch proxy serverech, kter\u00e1 je um\u00edst\u011bna mezi \u00fato\u010dn\u00edkem a va\u0161\u00edm webem. V re\u00e1ln\u00e9m \u010dase proch\u00e1z\u00ed ka\u017ed\u00fd po\u017eadavek a hled\u00e1 v n\u011bm specifick\u00e9 znaky \u00fatoku anebo zneu\u017eit\u00ed bezpe\u010dnostn\u00ed d\u00edry. Pokud naraz\u00ed na podez\u0159el\u00fd po\u017eadavek, m\u016f\u017ee jej p\u0159esm\u011brovat na test (p\u0159esm\u011brov\u00e1n\u00ed, captcha) anebo zablokovat.<\/p>\n<\/div><\/div>\n\n\n\n<p>P\u0159\u00edsn\u011bj\u0161\u00ed ochrana WordPress web\u016f pomoc\u00ed WAF je vid\u011bt i na statistice nejv\u011bt\u0161\u00edch chr\u00e1n\u011bn\u00fdch web\u016f. Ty, kter\u00e9 pou\u017e\u00edvaj\u00ed WordPress, maj\u00ed v\u00edce zablokovan\u00fdch \u00fatok\u016f. Ov\u0161em nezapom\u00ednejte, \u017ee i kdy\u017e nepou\u017e\u00edv\u00e1te WordPress, neznamen\u00e1 to, \u017ee se n\u011bkdo nepokou\u0161\u00ed \u00fato\u010dit anebo hledat zranitelnost jako by jste tam WordPress m\u011bli, co\u017e zat\u011b\u017euje webserver.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"810\" height=\"976\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-weby.png\" alt=\"Nejv\u011bt\u0161\u00ed weby chr\u00e1n\u011bn\u00e9 WEDOS Global Protection podle po\u010dtu p\u0159\u00edstup\u016f za \u0159\u00edjen.\" class=\"wp-image-390378 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-weby.png 810w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-weby-249x300.png 249w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-weby-768x925.png 768w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 810px; --smush-placeholder-aspect-ratio: 810\/976;\" \/><figcaption class=\"wp-element-caption\">Nejv\u011bt\u0161\u00ed weby chr\u00e1n\u011bn\u00e9 WEDOS Global Protection podle po\u010dtu p\u0159\u00edstup\u016f za \u0159\u00edjen.<\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Kdy\u017e \u00fato\u010d\u00ed 162 tis\u00edc unik\u00e1tn\u00edch IP na 143 tis\u00edc web\u016f<\/h3>\n\n\n\n<p>V pond\u011bl\u00ed 23. \u0159\u00edjna jsme za\u017eili nejrozs\u00e1hlej\u0161\u00ed \u00fatok na instalace WordPress. Byl to celkem zaj\u00edmav\u00fd \u00fatok a tak jsme k n\u011bmu napsali samostatn\u00fd \u010dl\u00e1nek.<\/p>\n\n\n\n<p><a href=\"https:\/\/blog.wedos.cz\/kdyz-utoci-162-tisic-unikatnich-ip-na-143-tisic-webu\" target=\"_blank\" rel=\"noopener\">https:\/\/blog.wedos.cz\/kdyz-utoci-162-tisic-unikatnich-ip-na-143-tisic-webu<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">L3\/L4<\/h3>\n\n\n\n<p>Samoz\u0159ejm\u011b na\u0161i z\u00e1kazn\u00edci jsou tak\u00e9 pod klasick\u00fdmi L3\/L4 DDoS \u00fatoky. Nicm\u00e9n\u011b ve v\u011bt\u0161in\u011b p\u0159\u00edpad\u016f to nestoj\u00ed za \u0159e\u010d. Na\u0161e ochrany jsou stav\u011bny na \u00fatoky ve stovk\u00e1ch Gbps. V\u0161e pod 10 Gbps ani nepos\u00edl\u00e1 notifikaci technik\u016fm. V\u0161e \u0159e\u0161\u00ed automaty. V \u0159\u00edjnu se ochrany vesm\u011bs nudily. Pouze jeden volumetrick\u00fd \u00fatok byl zaj\u00edmav\u00fd.<\/p>\n\n\n\n<div class=\"wp-block-media-text alignwide is-stacked-on-mobile is-vertically-aligned-center has-white-color has-vivid-cyan-blue-background-color has-text-color has-background\" style=\"grid-template-columns:20% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"385\" height=\"400\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png\" alt=\"\" class=\"wp-image-123898 size-full lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1.png 385w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2022\/12\/ladik-rbt-1-289x300.png 289w\" data-sizes=\"(max-width: 385px) 100vw, 385px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 385px; --smush-placeholder-aspect-ratio: 385\/400;\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><strong>Co jsou L3\/L4 \u00fatoky?<\/strong><\/p>\n\n\n\n<p>DDoS \u00fatoky na L3 a L4 vrstv\u011b se zam\u011b\u0159uj\u00ed na s\u00ed\u0165ovou a transportn\u00ed vrstvu a vyu\u017e\u00edvaj\u00ed r\u016fzn\u00e9 techniky, jak zahlcovat c\u00edlov\u00e9 servery nebo za\u0159\u00edzen\u00ed.<br><br>S\u00ed\u0165ov\u00e1 vrstva (L3) &#8211; zaji\u0161\u0165uje sm\u011brov\u00e1n\u00ed dat mezi r\u016fzn\u00fdmi s\u00edt\u011bmi pomoc\u00ed logick\u00fdch adres (IP).<br><br>Transportn\u00ed vrstva (L4) &#8211; zaji\u0161\u0165uje spolehliv\u00fd a \u0159\u00edzen\u00fd p\u0159enos dat mezi koncov\u00fdmi body pomoc\u00ed protokol\u016f jako TCP nebo UDP.<\/p>\n<\/div><\/div>\n\n\n\n<p>Celkem jsme evidovali <strong>7 438<\/strong> (-49,73 %) DDoS \u00fatok\u016f. Po ru\u0161en\u00e9m z\u00e1\u0159\u00ed tak byl sp\u00ed\u0161e klid.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-l3-l4.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" width=\"1024\" height=\"489\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-l3-l4-1024x489.png\" alt=\"\" class=\"wp-image-390383 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-l3-l4-1024x489.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-l3-l4-300x143.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-l3-l4-768x366.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-l3-l4.png 1264w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/489;\" \/><\/a><figcaption class=\"wp-element-caption\">Tradi\u010dn\u00ed DDoS \u00fatoky za \u0159\u00edjen.<\/figcaption><\/figure>\n\n\n\n<p>Tradi\u010dn\u00ed volumetrick\u00e9 DDoS \u00fatoky prob\u00edhaj\u00ed trochu jinak. Je to v\u00edce druh\u016f \u00fatok\u016f nar\u00e1z. Tak\u017ee jednotliv\u00e9 \u00fatoky mohou m\u00edt t\u0159eba do 10 Gbps, ale ve v\u00fdsledku, kdy\u017e se to v\u0161echno spoj\u00ed, tak se dostanete k des\u00edtk\u00e1m anebo stovk\u00e1m Gbps. Pokud vezmeme nejsiln\u011bj\u0161\u00ed \u00fatok, tak vych\u00e1z\u00ed n\u00e1sledovn\u011b:<\/p>\n\n\n\n<p>Nejsiln\u011bj\u0161\u00ed DDoS \u00fatok m\u011bl n\u011bco p\u0159es 14 Gbps a trval jen kr\u00e1tce. Nikdo ze z\u00e1kazn\u00edk\u016f si ni\u010deho nev\u0161iml.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-nejsilnejsi-l3-l4.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" width=\"1024\" height=\"502\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-nejsilnejsi-l3-l4-1024x502.png\" alt=\"\" class=\"wp-image-390390 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-nejsilnejsi-l3-l4-1024x502.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-nejsilnejsi-l3-l4-300x147.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-nejsilnejsi-l3-l4-768x377.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231101-rijen-1-nejsilnejsi-l3-l4.png 1274w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/502;\" \/><\/a><\/figure>\n\n\n\n<p>Pro dne\u0161n\u00ed p\u0159ehled jsme v\u00e1m tak\u00e9 p\u0159ipravili tabulku nejsiln\u011bj\u0161\u00edch L3\/L4 jednotliv\u00fdch DDoS  \u00fatok\u016f za \u0159\u00edjen 2023. \u00dato\u010dn\u00edci v\u011bt\u0161inou skl\u00e1daj\u00ed takov\u00e9to \u00fatoky do jednoho masivn\u00edho. <\/p>\n\n\n\n<figure class=\"wp-block-table is-style-regular\"><table><thead><tr><th class=\"has-text-align-center\" data-align=\"center\">C\u00edl<\/th><th class=\"has-text-align-right\" data-align=\"right\">Top Packets\/s<\/th><th class=\"has-text-align-right\" data-align=\"right\">Top Bits\/s<\/th><\/tr><\/thead><tbody><tr><td class=\"has-text-align-center\" data-align=\"center\">Webhosting<\/td><td class=\"has-text-align-right\" data-align=\"right\">2.6 M<\/td><td class=\"has-text-align-right\" data-align=\"right\">9.3 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">VPS<\/td><td class=\"has-text-align-right\" data-align=\"right\">2.6 M<\/td><td class=\"has-text-align-right\" data-align=\"right\">9.0 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">VPS<\/td><td class=\"has-text-align-right\" data-align=\"right\">822.2 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">9.0 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">Infrastruktura<\/td><td class=\"has-text-align-right\" data-align=\"right\">789.3 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">8.9 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">VPS<\/td><td class=\"has-text-align-right\" data-align=\"right\">787.5 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">8.8 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">VPS<\/td><td class=\"has-text-align-right\" data-align=\"right\">777.1 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">8.8 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">Dedikovan\u00fd server<\/td><td class=\"has-text-align-right\" data-align=\"right\">661.4 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">8.7 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">Webhosting<\/td><td class=\"has-text-align-right\" data-align=\"right\">660.6 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">8.6 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">VPS<\/td><td class=\"has-text-align-right\" data-align=\"right\">635.5 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">8.5 G<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">Dedikovan\u00fd server<\/td><td class=\"has-text-align-right\" data-align=\"right\">632.8 k<\/td><td class=\"has-text-align-right\" data-align=\"right\">8.4 G<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Nejsiln\u011bj\u0161\u00ed L7 DDoS \u00fatoky<\/h3>\n\n\n\n<p>Ka\u017ed\u00fd m\u011bs\u00edc pro v\u00e1s p\u0159ipravujeme seznam nejsiln\u011bj\u0161\u00edch a zaj\u00edmav\u00fdch DDoS \u00fatok\u016f p\u0159es L7. Pracujeme pouze s po\u017eadavky, kter\u00e9 projdou a\u017e k WAF, tedy p\u0159es blacklisty a \u0159adu dal\u0161\u00edch ochran. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">1. \u00datok na wedos.com &#8211; \u0161pi\u010dka 2,7M po\u017eadavk\u016f za minutu<\/h4>\n\n\n\n<p>Prvn\u00ed m\u00edsto tento m\u011bs\u00edc bere n\u00e1\u0161 web. Za\u010d\u00e1tkem \u0159\u00edjna p\u0159i\u0161el velmi kr\u00e1tk\u00fd, ale siln\u00fd \u00fatok. Podle log\u016f trval necelou minutu. \u00dato\u010dn\u00edci protla\u010dili a\u017e k WAF 2,76 milionu po\u017eadavk\u016f z 2 223 UIP a dokonce 2 requesty vr\u00e1tily 502. <\/p>\n\n\n\n<p>Od t\u00e9 doby jsme p\u00e1r podstatn\u00fdch v\u011bc\u00ed vylep\u0161ili. Jednak pravidla, jak tyto konkr\u00e9tn\u00ed \u00fatoky l\u00e9pe zvl\u00e1dat a tak\u00e9 zp\u016fsob, jak se s prvn\u00edm n\u00e1porem vypo\u0159\u00e1dat. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231001-utok-na-wedos-com.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" width=\"1024\" height=\"428\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231001-utok-na-wedos-com-1024x428.png\" alt=\"\" class=\"wp-image-391978 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231001-utok-na-wedos-com-1024x428.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231001-utok-na-wedos-com-300x125.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231001-utok-na-wedos-com-768x321.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231001-utok-na-wedos-com-1536x641.png 1536w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231001-utok-na-wedos-com.png 1806w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/428;\" \/><\/a><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>V polovin\u011b \u0159\u00edjna byl n\u00e1\u0161 web pod dal\u0161\u00edm v\u011bt\u0161\u00edm \u00fatokem 1,6M po\u017eadavk\u016f ve \u0161pi\u010dce  z 2 874 UIP. <\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">2. \u00datok na e-shop &#8211; \u0161pi\u010dka 1,7M po\u017eadavk\u016f za minutu<\/h4>\n\n\n\n<p>V \u0159\u00edjnu jsme z\u00edskali nov\u00e9ho z\u00e1kazn\u00edka, kter\u00e9mu poskytovatel vyp\u00ednal web poka\u017ed\u00e9, kdy\u017e na n\u011bj \u0161el \u00fatok. \u00datoky se n\u00e1m poda\u0159ilo vy\u0159e\u0161it okam\u017eit\u011b. Nicm\u00e9n\u011b n\u00e1s p\u0159ekvapila jejich s\u00edla. Na b\u011b\u017en\u00fd e-shop je \u00fatok s 1,7M po\u017eadavky za minutu z 4 174 UIP opravdu hodn\u011b. Sta\u010d\u00ed zlomek. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231029-utok-na-eshop.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" width=\"1024\" height=\"444\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231029-utok-na-eshop-1024x444.png\" alt=\"\" class=\"wp-image-391996 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231029-utok-na-eshop-1024x444.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231029-utok-na-eshop-300x130.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231029-utok-na-eshop-768x333.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231029-utok-na-eshop-1536x666.png 1536w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231029-utok-na-eshop.png 1784w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/444;\" \/><\/a><\/figure>\n\n\n\n<p>Nutno podotknout, \u017ee tohoto z\u00e1kazn\u00edka se \u00fato\u010dn\u00edci opravdu sna\u017e\u00ed dostat. Po mnoha nezdarech se dokonce pustili do na\u0161ich web\u016f. Ale ty jsou b\u011b\u017en\u011b pod \u00fatokem v\u011bt\u0161\u00edho kalibru. \u010c\u00edm v\u00edce se sna\u017e\u00ed, t\u00edm v\u00edce o nich v\u00edme a na\u0161e ochrany pr\u016fb\u011b\u017en\u011b zlep\u0161ujeme.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">3. \u00datok na web dopravn\u00edho podniku &#8211; \u0161pi\u010dka 1,3M za minutu, 7 887 UIP<\/h4>\n\n\n\n<p>V \u0159\u00edjnu \u0159ady na\u0161ich z\u00e1kazn\u00edk\u016f, kte\u0159\u00ed jsou pod \u00fatokem a rychle pot\u0159ebuj\u00ed pomoc, roz\u0161\u00ed\u0159il i dopravn\u00ed podnik jednoho krajsk\u00e9ho m\u011bsta. Nutno \u0159\u00edct, \u017ee \u00fatok na n\u011b pat\u0159il mezi ty zaj\u00edmav\u011bj\u0161\u00ed.  Byl srovnateln\u00fd s t\u00edm, co shazuje weby velk\u00fdch firem, bank a st\u00e1tu v \u010cR.  V \u0159\u00edjnu prob\u011bhlo n\u011bkolik \u00fatok\u016f pro-rusk\u00fdch hacktivistick\u00fdch skupin. Tento web v\u0161ak u\u017e nedostali a nemuseli jsme ani nijak omezovat konektivitu ze zahrani\u010d\u00ed, naopak v\u0161e jsme jim d\u00edky cache zrychlili ;).<\/p>\n\n\n\n<p>Ne\u017e to \u00fato\u010dn\u00edci vzdali, tak poslali 64 milion\u016f po\u017eadavk\u016f z 7 887 UIP. Ve \u0161pi\u010dce to bylo 1,3M po\u017eadavk\u016f za minutu.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"443\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/20231013-utok-na-dopravni-podnik-1024x443.png\" alt=\"\" class=\"wp-image-392046 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231013-utok-na-dopravni-podnik-1024x443.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231013-utok-na-dopravni-podnik-300x130.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231013-utok-na-dopravni-podnik-768x332.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231013-utok-na-dopravni-podnik-1536x664.png 1536w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/20231013-utok-na-dopravni-podnik.png 1779w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/443;\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Bonus &#8211; \u00datok na web obce &#8211; \u0161pi\u010dka 241K po\u017eadavk\u016f za minutu<\/h4>\n\n\n\n<p>N\u011bkdo se rozhodl znep\u0159\u00edjemnit sobotn\u00ed odpoledne jedn\u00e9 obci v Kr\u00e1lov\u00e9hradeck\u00e9m kraji. A\u010dkoliv \u00fatok nen\u00ed a\u017e tak impozantn\u00ed &#8222;jen&#8220; 241 tis\u00edc za minutu ve \u0161pi\u010dce (celkem 795 tis\u00edc po\u017eadavk\u016f z 2 240 UIP), tak \u00fatok byl sou\u010d\u00e1st\u00ed dal\u0161\u00edch \u00fatok\u016f, kter\u00e9 vedly nap\u0159\u00edklad i na jejich \u0161kolu (jin\u00fd web). <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/2020231021-utok-na-web-obce.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" width=\"1024\" height=\"443\" data-src=\"https:\/\/blog.wedos.cz\/wp-content\/uploads\/2023\/11\/2020231021-utok-na-web-obce-1024x443.png\" alt=\"\" class=\"wp-image-392033 lazyload\" data-srcset=\"https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/2020231021-utok-na-web-obce-1024x443.png 1024w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/2020231021-utok-na-web-obce-300x130.png 300w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/2020231021-utok-na-web-obce-768x332.png 768w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/2020231021-utok-na-web-obce-1536x664.png 1536w, https:\/\/blog.wedos.com\/wp-content\/uploads\/2023\/11\/2020231021-utok-na-web-obce.png 1801w\" data-sizes=\"(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/443;\" \/><\/a><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Z\u00e1v\u011br<\/h2>\n\n\n\n<p>Na\u0161e infrastruktura WEDOS Global je navr\u017eena tak, aby byla nejen robustn\u00ed, ale i schopn\u00e1 se p\u0159izp\u016fsobit budouc\u00edm v\u00fdzv\u00e1m. S WEDOS Global m\u00e1me nejen vizi, ale i re\u00e1ln\u00e9 n\u00e1stroje a technologie, kter\u00e9 n\u00e1s \u0159ad\u00ed mezi l\u00eddry v poskytov\u00e1n\u00ed internetov\u00fdch slu\u017eeb. Jsme si pln\u011b v\u011bdomi na\u0161eho potenci\u00e1lu prorazit na glob\u00e1ln\u00edm trhu a s hrdost\u00ed pokra\u010dujeme v poskytov\u00e1n\u00ed inovativn\u00edch a kvalitn\u00edch \u0159e\u0161en\u00ed.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>V \u0159\u00edjnu jsme hlavn\u011b ladili cachov\u00e1n\u00ed obsahu. Poda\u0159ilo se n\u00e1m dos\u00e1hnout velk\u00e9ho pokroku zvl\u00e1\u0161t\u011b u WordPress web\u016f. Jak\u00fdkoliv statick\u00fd obsah dok\u00e1\u017eeme vracet za tis\u00edciny vte\u0159iny po obdr\u017een\u00ed requestu od u\u017eivatele a p\u0159itom si kontrolovat, zdali je aktu\u00e1ln\u00ed v jednotk\u00e1ch vte\u0159in a\u017e 60 vte\u0159in (v z\u00e1vislosti na tarifu). Pr\u016fm\u011brn\u00fd web na WEDOS Global Protection se zrychlil &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/blog.wedos.com\/cs\/waf-report-z-wedos-global-protection-za-rijen-2023\" class=\"more-link\">Pokra\u010dovat ve \u010dten\u00ed<span class=\"screen-reader-text\"> &#8222;WAF report z WEDOS Global Protection za \u0159\u00edjen  2023&#8220;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":392069,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[112],"tags":[204,203,122,200,186,177],"class_list":["post-386604","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bezpecnost","tag-cache","tag-cdn","tag-ddos","tag-waf","tag-wedos-global","tag-wedos-global-protection"],"_links":{"self":[{"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/posts\/386604","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/comments?post=386604"}],"version-history":[{"count":15,"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/posts\/386604\/revisions"}],"predecessor-version":[{"id":420806,"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/posts\/386604\/revisions\/420806"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/media\/392069"}],"wp:attachment":[{"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/media?parent=386604"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/categories?post=386604"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.wedos.com\/cs\/wp-json\/wp\/v2\/tags?post=386604"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}