servd

Under Attack Mode

Under Attack Mode can be enabled and configured from the Project Settings > Access control page in the Servd Dashboard.

When activated, Under Attack Mode displays an automated interstitial page to all users before they are able to visit your project. The interstitial page checks whether the visitor is a real end user and not a bot or automated attacker. Any visitors who are determined to not be 'real' are simply blocked, preventing them from consuming the project's resources.

If a project is under unexpected heavy load, activating Under Attack mode is a simple way to quickly reduce incoming traffic and get things back online.

Auto Under Attack #

Under Attack Mode can be enabled automatically when a configurable set of conditions occur. These conditions can be set in the Under Attack panel on the Project Settings > Access control page in the Servd Dashboard.

Trigger on Incoming Request Rate

The only currently supported condition is incoming request volume. Request rates are monitored in 1 minute windows. If a 1 minute window, within the last 5 minutes, has an average request rate higher than the configured value Under Attack Mode will be activated. Under attack mode will deactivate once there are no 1 minute windows within the last 5 minutes that have an average request rate higher that 60% of the configured req/s value. This is to prevent thrashing between on and off states when traffic stays at just above or below the configured rate for a period of time.

Restart PHP / clear request queues upon activation

Often DoS attacks will result in a large amount of incoming requests being queued up for processing before Under Attack mode protection has had a chance to enable. In order to clear these queues and resume normal operation as quickly as possible you can enable the Restart PHP option. This will restart the PHP processes whenever Auto Under Attack mode activates, clearing any queues and getting things up and running as quickly as possible.