Book Image

Lighttpd

By : Andre Bogus
Book Image

Lighttpd

By: Andre Bogus

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Lighttpd
Andre Bogus
Oct, 2008 | 240 pages
No titles found
Table of Contents (20 chapters)
Lighttpd
Lighttpd
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
Preface
Preface
Free Chapter
1
Introduction to Lighttpd
Introduction to Lighttpd
Installing Lighttpd
Building Lighttpd using Autotools
Building Lighttpd using CMake
Summary
2
Configuring and Running Lighttpd
Configuring and Running Lighttpd
Starting Lighttpd by Hand
Other Core Options
Mime Types
Selectors
Rewriting and Redirecting Requests
Including Variables, Files, and Shell-code
Summary
3
More Virtual Hosting and CGI
More Virtual Hosting and CGI
Extended Virtual Hosting
MySQL based Virtual Hosting
Going Dynamic
CGI with mod_cgi
FastCGI
SCGI
mod_proxy_core and backends
Summary
4
Downloads and Streams
Downloads and Streams
Core Settings
Traffic Shaping
Showing Directory Contents
Securing Downloads
Streaming Content
Putting it All Together
Summary
5
Big Brother Lighttpd
Big Brother Lighttpd
Privacy
O Browser, Where Art Thou?
Access Logging
Tracking Users
Other Data Points
Summary
6
Encryption: SSL
Encryption: SSL
Self-Signed Keys
Being our own Certificate Authority
Obtaining a Key Pair from a Third-Party Supplier
Configuring Lighttpd to use SSL
Summary
7
Securing Lighttpd
Securing Lighttpd
Barriers to Entry
Evading Denial of Service Attacks
Know Your Foe
Summary
8
Containing Lighttpd
Containing Lighttpd
Giving up Privileges
Changing Root
Separating the Backend
Summary
9
Optimizing Lighttpd
Optimizing Lighttpd
Installing http_load
Specific Optimizations
Profiling with gprof
Summary
10
Migration from Apache
Migration from Apache
Adding Lighttpd to the Mix
Excursion: mod_proxy
Reducing Apache Load
mod_perl, mod_php, and mod_python
.htaccess
Rewriting Rules
WebDAV
Summary
11
CGI Revisited
CGI Revisited
Ruby on Rails
WordPress
phpMyAdmin
MediaWiki
Trac
AWStats
AjaxTerm
Summary
12
Using Lua with Lighttpd
Using Lua with Lighttpd
Lua: A small Primer
Useful Lua Libraries
Lua/FastCGI
Running mod_magnet
Example: A Shoutbox
Summary
13
Writing Lighttpd Modules
Writing Lighttpd Modules
Handling Configuration
Rewriting the Request
Manipulating the Response
Summary
HTTP Status Codes
HTTP Status Codes
Module/Configuration Index
Module/Configuration Index
Internal
mod_access
mod_accesslog
mod_alias
mod_auth
mod_cgi
mod_cml
mod_chunked
mod_compress
mod_deflate
mod_dirlisting
mod_evasive
mod_evhost
mod_expire
mod_fastcgi
mod_flv_streaming
mod_indexfile
mod_magnet
mod_proxy
mod_proxy_core
mod_redirect
mod_rewrite
mod_rrdtool
mod_scgi
mod_secure_download
mod_setenv
mod_simple_vhost
mod_sql_vhost_core, mod_mysql_vhost
mod_ssi
mod_staticfile
mod_status
mod_trigger_b4_dl
mod_uploadprogress
mod_userdir
mod_usertrack
mod_webdav

Evading Denial of Service Attacks

A Denial of Service attack (or short DoS) is an attack by which the server is overwhelmed by requests until it exhausts one of the needed resources (like memory or file handles) and stops responding.

This type of attack does not take special skills; any script kiddie can launch one. However, Lighttpd is not easy to overwhelm, and we can make it even harder.

Before we try to evade them, we need to understand how DoS attacks are carried out. The idea is simple: send as many requests as you can to a server. This means the attacker can maximize the strength of the attacks by distributing the task of sending packets. This is the reason many folks try to take over as many computers as possible by sending out internet worms, creating a "bot-net" of lots of compromised machines.

To make things even worse, the attacker will swamp our Lighttpd with lots of request packets containing bogus IP addresses. So our poor Lighttpd will try to send out responses to other servers...

Previous Section
End of Section 3
Next Section