Feature Request: Legacy HTTP Support

It is a strange filter to block certain headers from PUT while letting them through POST. Must be a setting somewhere.

It is not inconceivable that the default setting will sanitize PUTs because, years ago, PUTs are seldomly used.

2 Likes

I think I’m going to keep it available just as a last resort, nginx rate limits + fail2ban is going a good job fighting current attacks at the moment.

Again it’s legacy crap that’s a last resort so you know. If we are getting hit with 1,000,000s of reqs per second it’s amazing that the site loads at all. (:heart: you ipsets)

1 Like

Perhaps something is messed up with reverse proxy (as you’re using unix socket I assume you have some proxy set up)?

1 Like

This is an inline proxy that I have zero control over - I have a toggle in my network control center to MITM port 80 and 443 to go through the proxy, it’s legacy hardware HTTP(s) DDoS Filtering. It’s a last resort now, I’ve seen quite a few unique HTTP Based Attacks and writing fail2ban filters to thwart them is a pretty standard task for me. That being said having the proxy always on would reduce my work load.