Re: [squid-users] Reverse - Apache - Syn Flood

From: Amos Jeffries <>
Date: Mon, 3 Nov 2008 12:27:33 +1300 (NZDT)

> Hi all,
> I want to setup Squid reverse proxy for my apache servers. But.. Can
> Squid protect my apache servers from Syn flood and Bot-Net attack ? or
> Squid drop this connection, when apache is the syn_recv ? or Squid
> Reverse be enough to this as resource ? or Can it be resource problem?
> thanks everybody..
> --
> Mehmet CELIK
> Istanbul/TURKEY

Squid simply acts as a speed buffer between the web and the Apache.

Yes it protects the apache by taking the full brunt of the attacks away.
If the flood is big enough to take down Squid, the website is still
offline. Since everything has to go through squid, that is equivalent to
taking out the Apache itself.

What squid does in these situations is raise the maximum level at which
such attack has any effect. Say your Apache can handle 500 req/sec and
Squid 8000 req/sec. The attacker has to bust more than 8000 req/sec to
kill the site instead of only 500.

Received on Sun Nov 02 2008 - 23:27:36 MST

This archive was generated by hypermail 2.2.0 : Mon Nov 03 2008 - 12:00:03 MST