Best Practice for captcha based protection against D.O.S to Nginx Proxy

Question

The idea is explained here

In simple words, Nginx Proxy plays the role of load balance and transmits the HTTP/HTTPS requests to servers.

If the number of request times within a certain period from an individual IP exceeds a threshold, it will trigger a captcha for the upcoming requests.

And the end-user must input the correct captcha code before he can continue to access the site.

Do you know any open source / free NGINX module for this usage? I searched on the Internet and here is one of them: https://github.com/snbuback/nginx seems it needs modification.

Any suggestion / experience is welcome, thank you

score 1 · Accepted Answer · answered Jun 26 '12 at 17:20

1

I think, captcha will only annoy your real users. For this problem I'd rather use the testcookie-nginx-module.

answered Jun 26 '12 at 17:20

Max Kochubey

1,222

Thanks, I don't quite understand how it works from its sequence charts. Will it prevent Search Engine Crawler to parse my site? – Mr.Wang from Next Door Jul 05 '12 at 05:11
Well, it depends on your imagination mostly :) I guess that correct robots.txt file would be a better option to filter out search bots. In addition to this, you can use nginx rules - like this way. – Max Kochubey Jul 06 '12 at 04:50

Best Practice for captcha based protection against D.O.S to Nginx Proxy

1 Answers1