Block requests in lighttpd made with HTTP/1.0 and only allow HTTP/1.1

http webserver lighttpd denial-of-service

Solution 1:

Instead of giving a solution for lighttpd, I would recommend you to use fail2ban that is present on all Unix based system. It is watching for changes in log files and parses it according to regular expression rules and in case of matching pattern (HTTP/1.0 in your case) will block it at system's firewall level which is more effective to block unwanted connections.

Also, if you are experiencing abnormal traffic where you see more malicious requests than normal requests, you can add following firewall rule to slowdown DDoS attack

iptables -A INPUT -p tcp --dport 80 -m limit --limit 20/minute --limit-burst 127 -j ACCEPT

If you still want to block HTTP/1.0 at lighttpd level, try to match HTTP protocol like that:

env.SERVER_PROTOCOL == "HTTP/1.0" {
  url.access-deny = ( "" )
}

(Solution isn't tested since I switched to nginx a long time ago, but AFAIR it might work.)

Related

Upgrade M.2 to NVMe
Using a laptop as a second monitor by using a cable
What is the 'international english' keyboard layout for localectl
Auto login user admin with cmd
How to move Office 365 Outlook calendar to secondary monitor
Outlook 2016 crashing while trying to download messages
Page Sizes (SSD)
Windows 10: Find and focus opened app across multiple desktops
Msg to everyone in same router?
How to remove a reference to the missing Microsoft Excel addin?
What driver is compatibility with USB\VID_0FE6&PID_9700&REV_0101 hardware id?
How to remove a user defined language in Notepad++