Reputation: 6800
How to detect DDOS attacks in ASP.Net Core
What is The best way of preventing the distributed denial-of-service and denial-of-service attacks in ASP.Net core?
How to handle protection in the request pipeline or separate middleware?
Upvotes: 5
Views: 7170
Answers (1)
Reputation: 5265
Apart from the obvious mitigation you can (and should) implement before the requests reach your application (e.g. in the web server itself), there are a number of ways to implement so-called request throttling in your pipeline.
Luckily, you don't need to re-invent the wheel. There are myriad NuGet packages and open-source projects that address this and that you can learn from.
The essence of it is, that you intercept the incoming requests and persist things like request URI and IP while cross-checking a request-per-time-unit limit and imposing a cool-down period when needed.
Needless to say, you'd put this as far up in your application's request pipeline as possible.
The following isn't a software recommendation but more of an example to learn about how this sort of middleware can be built. It really isn't that hard to grasp the basics of the process from it.
Upvotes: 4
Related Questions
- How can detect an auto DDoS attack?
- How ASP.NET Core prevents DDoS attack by limiting the request size?
- Best practice for protecting against Denial of Service(DoS) attacks in ASP.NET Core
- C# MVC: What is a good way to prevent Denial Of Service (DOS) attacks on ASP.NET sites?
- How to prevent DoS attack in ASP.NET MVC applications?
- DOS Protection in Azure Web APP
- ASP.Net module to block DOS attacks
- DDoS attack mitigation on Azure infrastructure
- ASP.NET Web application prevent denial of service attacks
- Prevent Malicious Requests - DOS Attacks