DDoS attack with a large number of requests went through the CDN
According to the report of VNETWORK SOC (Security Operation Center), most of the requests due to DDoS pouring to the website vnis.vn have been handled by VNCDN’s CDN system. Most of those requests are pre-cached content on the CDN system. Data is quickly returned for most requests without the need to get results from the origin server.
VNCDN’s CDN is known as the leading CDN system in Vietnam with the ability to respond to a huge number of requests up to 6 billion requests/day. At a time, the system can handle up to 3 million CCUs at the same time. In addition, VNETWORK also has a Multi CDN network. This is a combined network of CDNs from 32 countries around the world. The total power of Multi CDN is up to 2,600Tbps.
The number of requests going through VNCDN’s CDN system peaked at nearly 4 million requests
Total DDoS requests to WAF is only about 1 million requests
For the remaining DDoS requests, nearly 1 million requests for new data must go through the filtering system of the Cloud WAF VNIS firewall. The final number of clean requests to the origin server is very small.
The number of requests to WAF (Web Application Firewall) peaked at about 140,000 requests/minute
The number of clean requests poured into the original server is only very small
Total requests to WAF are about 1 million requests
During the attack, the website www.vnis.vn did not appear to have any errors related to code 5xx (the website is still operating stably). Most illegal access requests are required by the WAF system for ‘browser base’ authentication. Therefore, most of the bad requests are blocked by the WAF firewall.
No errors 5xx. appear
According to the analysis of technicians, the attacking IP ranges all use international IP sources. Hackers also use many types of attacks with methods such as GET (getting new data from the server), HEAD, PUT…
International IPs used by hackers in the attack
Attack methods are used such as GET, PUT, HEAD,…
Number of requests per minute recorded by WAF
VNETWORK SOC helps in early detection and timely handling of DDoS attacks
Although hackers use many different forms of attacks on Website vnis.vn, it still works stably even when being attacked. Thanks to VNIS’s Cloud WAF system combined with the SOC monitoring center, all attack activities are strictly controlled. While the system was attacked, VNETWORK technology continuously monitored through the SOC system and provided timely Anti DDoS methods.
Your business is interested in experiencing VNIS solution, please reach out to us via our hotline: (028) 7306 8789 or contact@vnetwork.vn.