[Article] Changes introduced by HTTP/2 support

 
admin
Site Admin



Posted: Wed Aug 25, 2021 8:31 pm

Some details in Abyss Web Server had to be updated to accommodate HTTP/2 support:

Throttling
Throttling in Abyss Web Server is now request-based. Some throttling parameters in previous versions referred to concurrent connections instead of concurrent requests since both counts are almost equivalent in HTTP/1.1.

But with HTTP/2's ability to multiplex multiple requests over the same connection, it was imperative to clarify the way throttling counters work.

Logging
The log file format contains an excerpt of the HTTP request known as the "Request line" which looks like:
Code:
GET /test.html HTTP/1.1

Since HTTP/2 uses special headers to report the request verb (:method = GET) and virtual path (:path = /test.html), logging has to generate a fake "Request line" to mimic HTTP/1.1 semantics and to be compatible with the way logs are written and expected by analysis software.

A fictitious request line is generated for logging with HTTP/2.0 and looks like:
Code:
GET /test.html HTTP/2.0

Anti-hacking
The anti-hacking feature monitors incoming traffic to the Web server and blacklists IPs which send too many bad requests (i.e. requests which cause replies with a status code in the range from 400 to 499.)

When a visitor connects to the Web server, its IP is first checked against the blacklist: if it is there, the connection is aborted.

Now with the advent of HTTP/2 and long-lasting multiplexed connections, the above test is also done for each new request even though it is made over a connection whose IP was initially allowed.
This extension of the behavior of anti-hacking is required for mitigating situations where a visitor creates an HTTP/2 connection to the server, and starts sending bad requests over it.
Over time, the visitor's IP will be on the blacklist while the connection is still alive and maintained. So testing for the IP at each new request will help drop the connection as soon as the IP is flagged and put in the blacklist.
Forum Administrator
Aprelium - https://aprelium.com
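
A minimal model of the per-request blacklist check described in the Anti-hacking section, as an added example that is not part of the original post and is not Abyss Web Server code. The threshold of 3 bad requests, the class and function names, and the sample IP and status codes are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

BAD_REQUEST_LIMIT = 3  # assumed threshold; the post does not give a number


@dataclass
class AntiHacking:
    """Counts 4xx replies per IP and blacklists the IP once the limit is hit."""
    limit: int = BAD_REQUEST_LIMIT
    bad_counts: dict = field(default_factory=dict)
    blacklist: set = field(default_factory=set)

    def record(self, ip, status):
        if 400 <= status <= 499:
            self.bad_counts[ip] = self.bad_counts.get(ip, 0) + 1
            if self.bad_counts[ip] >= self.limit:
                self.blacklist.add(ip)

    def is_blocked(self, ip):
        return ip in self.blacklist


def serve_connection(guard, ip, statuses, check_each_request):
    """Replay one long-lived HTTP/2 connection carrying several requests.

    statuses: the status code each multiplexed request would produce.
    Returns (statuses actually served, True if the connection was dropped).
    """
    if guard.is_blocked(ip):               # check made when the visitor connects
        return [], True
    served = []
    for status in statuses:
        if check_each_request and guard.is_blocked(ip):
            return served, True            # drop as soon as the IP is flagged
        served.append(status)
        guard.record(ip, status)
    return served, False


# Constructed sample: a single connection that keeps sending bad requests.
SAMPLE_IP = "192.0.2.10"
SAMPLE_STATUSES = [404, 404, 200, 403, 404, 404, 200, 404]

if __name__ == "__main__":
    for mode in (False, True):
        served, dropped = serve_connection(AntiHacking(), SAMPLE_IP,
                                           SAMPLE_STATUSES, mode)
        print(f"check_each_request={mode}: served {len(served)}, dropped={dropped}")
```

With only the connection-time check, all eight requests are answered even though the IP is blacklisted after the fourth; with the per-request check, the connection ends at that point.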
All times are GMT + 1 Hour