Access Denied Information gathering thought

In today’s security aware age, it’s important to reflect on past mitigation’s and see if we can improve them.   Whilst doing recon on this WordPress install I realised that my nginx installation was returning very identifiable responses to directory traversal and directory fuzzing attack. In that it would respond …

Diagnosing and Mitigating Layer 7 (Application Layer) Distributed Denial of Service Attacks (Microcache/F2B/PHP5-FPM)

So, recently I began researching ways of hosting a CMS controlled site manually to cope with a high legitimate request load or a Layer 7 DDoS attack (Application Layer of the OSI Model). I have been the recipient of such attacks before which instantly gave out the “Resource Limit Exceeded” …