PM4Py Web Services Security: DDoS protection
In this page, we will analyze the security of the web services, in the context to resistance to Denial of Service attacks.
Within the docker deployment, there are four files contained in the docker-sec-confs folder, that one can change accordingly to the preferences ane needs:
- jail.local (Fail2Ban Intrusion Detection Sofware) => /etc/fail2ban/jail.local
- limits.conf (limits to the header and body size of requests, the rate of connections and requests) => /etc/security/limits.conf
- nginx.conf (main configuration file of the NGINX server) => /etc/nginx/nginx.conf
- sysctl.conf (Linux configuration file, that can help managing the number of connections) => /etc/sysctl.conf
These files are copied inside the Docker container when it is built.
A detailed explanation of the meaning of the files is found in https://bobcares.com/blog/nginx-ddos-prevention/
Some default options are inside the files, that are not too obstructive for a small installation.