@bascule there’s also unicorn slow read attacks.. Trivial to perform and most sites don’t configure ngnix properly
-
-
-
@chendo yeah, the "trickle attack". That's easily preventable with proper timeouts though -
@bascule even with low timeouts, we’ve found that one still can easily lock up all the workers relatively easily -
@chendo depending on the nature of your service, you can set low (e.g. 1-5s) request timeouts
End of conversation
New conversation -
-
-
@bascule are there protections of are we all screwed as usual? I'd like to see best practices for stuff like that. -
-
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.