<h1>We tested a new protection against L7 DDoS attacks on ourselves</h1>

<p>Published 2023-11-25, updated 2024-02-26. Original (Czech): <a href="https://blog.wedos.com/cs/otestovali-jsme-na-sobe-novou-ochranu-proti-l7-ddos-utokum">https://blog.wedos.com/cs/otestovali-jsme-na-sobe-novou-ochranu-proti-l7-ddos-utokum</a></p>

<p>As awareness of WEDOS Global spreads and more and more new customers who have problems with DDoS attacks come to us, the attackers get more frustrated too. That leads to more intense attacks on our website and infrastructure. Sometimes they really try hard, and we gain valuable data and experience 🙂.</p>

<figure class="wp-block-audio"><audio controls src="https://blog.wedos.com/wp-content/uploads/2024/02/updated-otestovalijsmenasobve-1.mp3"></audio></figure>

<p>On our own website we can therefore test new methods of protection against DDoS attacks and study their effectiveness and the load they put on the target server. On 20 November 2023 we tested a new form of protection that works very well against "dumb" L7 DDoS flood attacks.</p>

<div class="wp-block-media-text alignwide is-stacked-on-mobile is-vertically-aligned-center has-white-color has-vivid-cyan-blue-background-color has-text-color has-background"><div class="wp-block-media-text__content">
<p><strong>What is an L7 DDoS attack?</strong></p>

<p>An HTTP L7 flood attack is a form of DDoS that targets layer 7 of the OSI (Open Systems Interconnection) model, the application layer. This type of attack is particularly insidious because it uses legitimate-looking HTTP requests to overload the target web server or application. Attackers generate huge numbers of HTTP GET or POST requests, which may be disguised to look like ordinary user traffic, making them harder to detect and block.</p>

<p>Symptoms of an HTTP L7 flood attack include a significant slowdown or complete outage of the web service, abnormally high use of server resources (CPU, memory) and a rise in the number of HTTP requests recorded in the log files, often from several thousand IP addresses and hundreds of networks. These attacks can lead to a partial or complete outage of the services provided.</p>

<p>Blocking HTTP L7 flood attacks is challenging for several reasons:</p>

<ol class="wp-block-list">
<li><strong>Disguise as legitimate traffic</strong>: Application-layer attacks often look like ordinary user traffic, which makes it hard to tell them apart from legitimate requests.</li>
<li><strong>Diversity and complexity of applications</strong>: Layer 7 applications have different functions and characteristics, which makes it hard to build a single defensive strategy.</li>
<li><strong>Low predictability of the attack</strong>: Attacks can vary greatly in volume, duration and the techniques used, which calls for adaptive defensive mechanisms.</li>
</ol>
</div></div>

<p>For us, detecting L7 DDoS flood attacks is technically easier because the reverse proxies sitting between the user and the target server can see into the traffic. They can therefore analyse it in detail, which is the foundation for dealing with some of the more advanced forms of L7 attacks, and they can even intervene in it.</p>

<p>We use this, for example, with new WordPress vulnerabilities where the attack abuses some unsanitized input. Most recently we manually added a rule in this way that eliminated the risk of a new vulnerability in the WP Fastest Cache plugin for WordPress (CVE-2023-6063). Using a modified cookie, an attacker could carry out an SQLi attack against any installation. We eliminated requests whose cookie contained the SQLi.</p>

<p>So we have a very detailed view of every request heading to a customer's protected website, one that goes far beyond ordinary logging (access log, error log), and we also have a really wide range of options for how to react. Combine that with the aggregation of data from all our web hosting and protected websites, and our ability to detect entirely new threats, vulnerabilities, botnets and so on grows many times over.</p>

<h2 class="wp-block-heading">How (not) to block an attack</h2>

<p>In October we started working intensively on caching the content of protected websites. In November we then rolled caching out to everyone, which led to a dramatic speed-up. There is a huge difference between caching content directly on the hosting and caching it on our reverse proxies, which are built for exactly that.</p>

<p>The reverse proxies are always closer to the visitors: we have servers in dozens of locations around the world and we are gradually connecting them to local and national internet exchange points (IXPs). So our reverse proxy server is directly connected to your customers' internet service provider. In those locations we also have specialised caching servers that run only software dedicated to that purpose. There is a big difference between cached content being returned by your web server and by our specialised reverse proxy server.</p>

<p>In numbers, that is tens to low hundreds of ms versus 1 to 2 ms. On top of that, even cached content on your web server costs computing power and connectivity, which you do not have to worry about with us. We do not care whether we return ten or a million cached pages.</p>

<p>But back to the topic. After tuning the cache we noticed that returning cached content is, in terms of server resources, far cheaper than, say, a captcha, which has to be generated. The same goes for other kinds of protection that rely on redirects, for example. So what about simply serving attackers the cache and not blocking them at all?</p>

<p>We ran this experiment on Monday 20 November 2023, when an attack hit our website and one of its subpages. The pattern of the "dumb" L7 DDoS attacks has been the same in recent days: the home page of our website plus some subpage, occasionally spiced up with attacks on URL parameters. If you use WordPress, it is easy to defend against this.</p>

<p>The attack lasted roughly five and a half minutes. In total 8.8 million requests arrived from roughly 2 thousand unique IP addresses, peaking at 2.4 million per minute. These are only the requests that made it through the blacklists and the various rate limiters and filters. That is usually just a fraction of the original attack, typically 1/3 to 1/10, depending on the kind of botnet. We treat the networks of mobile operators differently from the networks of server providers.</p>

<figure class="wp-block-image size-large"><a href="https://blog.wedos.com/wp-content/uploads/2023/11/20231120-utok-na-wedos-com.png"><img width="1024" height="390" src="https://blog.wedos.com/wp-content/uploads/2023/11/20231120-utok-na-wedos-com-1024x390.png" alt="" class="wp-image-418714" /></a><figcaption class="wp-element-caption">Attack on our website, L7 HTTP flood.</figcaption></figure>

<p>What you see on the graph is what reached the WAF. There, a series of filters and rules dealt with it. Let us look at what was happening on the end server, that is, what got through all the way to the web hosting. Yes, our main website runs on our NoLimit web hosting :).</p>

<p>The upper graph shows the number of requests served. Green is 200 (page returned) and blue is 3XX (301 redirects and 304 …). As you can see, our customers are happily browsing our website. Only a handful of requests from the attack got through, not even worth mentioning.</p>

<p>The lower graph shows the server response time in ms.</p>

<figure class="wp-block-image size-full"><a href="https://blog.wedos.com/wp-content/uploads/2023/11/20231120-utok-na-wedos-com-testovani-cachovacich-ochran.png"><img width="930" height="914" src="https://blog.wedos.com/wp-content/uploads/2023/11/20231120-utok-na-wedos-com-testovani-cachovacich-ochran.png" alt="" class="wp-image-418729" /></a><figcaption class="wp-element-caption">What got through from the attack to the target server.</figcaption></figure>

<p>From about 21:43:40 the attack targeted the home page. Ordinary rules apply there. We filter the attack, and what gets through is usually negligible because the website can withstand it (a few dozen requests per minute). In addition, the rules tighten for each suspicious IP address with every repeated request. Most requests are blocked by the rate-limit filters. For testing purposes the captcha was switched off in all locations.</p>

<p>From about 21:47:15 the attacker changes strategy and attacks a subpage of our website. There we put nothing in his way, just the cached version of the page.</p>

<p>At that moment every location that receives a request for the subpage stores a static snapshot of it in its cache and returns it in 0.001 to 0.002 seconds. If it has held the snapshot for more than 3 seconds and receives the request again, it asks the origin server whether the cached version is still valid (a revalidation request that the server answers with status code 304). That is why you see the rise in 3XX requests there. If we had modified the page in the meantime, it downloads the new version. Otherwise it carries on with what it has.</p>

<p>304 requests consume a negligible amount of computing power compared with returning a regular page (status code 200). You can see it in the server response time graph. Compared with 200 responses, which take 50 to 70 ms, a 304 is returned in 3 to 5 ms.</p>

<p>Of course we can change the parameters. We do not have to check whether you have a new version of the page every 3 seconds from every location. During an attack across all locations, that could hit the requests-per-minute limits of weaker hosting plans. Setting 60 seconds or more is no problem. In the WEDOS Global administration there is always the option to clear the cache manually if you need the current content immediately.</p>

<p>After two minutes the attacker gives up and ends the attack. Why waste his botnet's expensive resources on a target that does not react to the attack with any protection and does not even slow down? There are plenty of other targets he can knock down with this force and keep offline for hours.</p>

<h2 class="wp-block-heading">Conclusion</h2>

<p>The new form of protection has had its premiere and we can keep testing and improving it. It will be deployed soon, though. It will pay off for everyone. It will be easiest for WordPress websites and then, of course, for customers with static pages.</p>