CHAPTER 1: INTRODUCTION
The modern threat
In 2011 an exploit taking advantage of a vulnerability in the Apache web server rapidly circulated across the Internet. Apache, at the time, was used by more than 65% of websites, according to Netcraft, so this was a serious issue which required immediate remediation. The exploit took advantage of a little-known vulnerability in the way Apache handled two HTTP headers. Exploitation of this vulnerability resulted in, as described by CVE-2011-3192, “very significant memory and CPU usage on the server”, resulting in a distributed denial-of-serviceattack (DDoS) through resource exhaustion.
In late 2013, a highly complex DDoS attack1 on a prominent member of an online trading community was detected and ...
Get Web Application Security is a Stack: How to CYA (Cover Your Apps) Completely now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
