Block requests in lighttpd made with HTTP/1.0 and only allow HTTP/1.1
Solution 1:
Instead of giving a solution for lighttpd
, I would recommend you to use fail2ban that is present on all Unix based system. It is watching for changes in log files and parses it according to regular expression rules and in case of matching pattern (HTTP/1.0 in your case) will block it at system's firewall level which is more effective to block unwanted connections.
Also, if you are experiencing abnormal traffic where you see more malicious requests than normal requests, you can add following firewall rule to slowdown DDoS attack
iptables -A INPUT -p tcp --dport 80 -m limit --limit 20/minute --limit-burst 127 -j ACCEPT
If you still want to block HTTP/1.0 at lighttpd
level, try to match HTTP protocol like that:
env.SERVER_PROTOCOL == "HTTP/1.0" {
url.access-deny = ( "" )
}
(Solution isn't tested since I switched to nginx
a long time ago, but AFAIR it might work.)