We were made aware of a potential Slowloris attack vulnerability for our Netlify site. Slowloris is a denial-of-service attack program which allows an attacker to overwhelm a targeted server by opening and maintaining many simultaneous HTTP connections between the attacker and the target. Is there a…

Hi, @ishaansinghal . That is a private repo that cannot be cloned without access. Also, the steps above do not include instructions to point that software at a Netlify sites. Finally, you are not permitted to be doing security testing at Netlify unless you have an Enterprise team or you are using th…

For some further context, this was reported to my team from our own bug bounty program by a whitehat hacker. It was reported on July 11, in which you can see a spike in page views despite not a substantial increase in number of users. I believe this was a demonstration by the whitehat of the vulnera…

Slowloris Denial of Service Attack

Support

hrishikesh August 5, 2023, 5:09pm 4

Netlify already has rate-limits in place: Hasura Instance is Blocked by Netlify

Your “attacker’s” threshold was probably so small that we did not bother limiting it. But you can use Edge Functions to setup your own rate-limits.

Topic		Replies	Views
Limits/Protection to avoid high billing caused by DDoS? Support billing-pricing , building , deployment , lambda-functions	2	800	September 5, 2020
I am the OP of that $104K bill post and I have some follow-up questions Support billing-pricing	7	9769	March 3, 2024
IP Address Rate Limiting in Netlify Support security	1	291	December 14, 2023
Limit bandwidth to avoid high billing caused by DDoS? Support billing-pricing	15	24965	February 27, 2024
Is there a Rate Limiter for serverless functions? Support lambda-functions	28	985	April 11, 2024

Slowloris Denial of Service Attack

Related topics