Asymmetric denial of service - Content length
Need
Prevent service degradation or outage due to malicious requests with excessively large Content-Length headers
Context
- Usage of Elixir for building scalable and fault-tolerant applications
- Usage of Plug and Cowboy for HTTP request and response handling
- Usage of a server that accepts requests with an unrestricted Content-Length header
Description
Non compliant code
defmodule VulnerableApp do
  use Plug.Router

  # No Plug.Parsers (or any other limit) is configured, so nothing caps the
  # request body size that a client may announce in Content-Length.
  plug :match
  plug :dispatch

  # Route patterns and response bodies are Elixir strings (double quotes),
  # not charlists.
  get "/" do
    send_resp(conn, 200, "Hello, world!")
  end
end
This basic Plug-based Elixir application imposes no limit on the Content-Length of incoming requests (nor on the request body that header announces), which leaves it open to asymmetric denial-of-service attacks: a cheap request can make the server allocate and read far more than it should.
Steps
- Set a maximum limit for the Content-Length of incoming requests.
- Consider using a rate limiting mechanism to limit the number of requests from a single source.
- Set an absolute timeout for incoming connections.
Compliant code
defmodule SecureApp do
  use Plug.Router

  # Plug.Parsers reads and decodes the body; `length:` caps the number of
  # bytes it will read (1_000_000 = roughly 1 MB). Larger bodies raise
  # Plug.Parsers.RequestTooLargeError, which Plug turns into a 413 response.
  # `pass: ["*/*"]` lets unmatched content types through without raising.
  # `json_decoder: Poison` requires the :poison dependency in mix.exs.
  plug Plug.Parsers,
    parsers: [:urlencoded, :multipart, :json],
    pass: ["*/*"],
    json_decoder: Poison,
    length: 1_000_000

  plug :match
  plug :dispatch

  get "/" do
    send_resp(conn, 200, "Hello, world!")
  end
end
This Elixir application, served by Cowboy, configures Plug.Parsers with a `length:` option that limits the maximum request body size to 1,000,000 bytes, mitigating the DoS vulnerability. Note that the limit applies when the body is read; requests with a content type that Plug.Parsers passes through are not read at all, so combine this with the Cowboy timeouts and rate limiting from the steps above for full coverage.
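The following is an added example that carries the three steps above (body size limit, rate limiting, connection timeouts) through to a complete, runnable Plug/Cowboy application. It is not the page's compliant code: the module names `HardenedApp.*`, the limits chosen, and the ETS-based rate limiter are assumptions for illustration, and it assumes `:plug_cowboy` and `:jason` are in the project's dependencies. It goes one step beyond the compliant code by rejecting an oversized Content-Length header before any body bytes are read, and by bounding bodies that arrive without a Content-Length (chunked) through the Plug.Parsers `length:` cap.

```elixir
# Added example, not the page's own code. Assumes :plug_cowboy and :jason deps.
defmodule HardenedApp.ContentLengthLimit do
  @moduledoc "Rejects oversized Content-Length headers before the body is read (step 1)."
  import Plug.Conn
  @behaviour Plug

  @impl true
  def init(opts), do: Keyword.fetch!(opts, :max_bytes)

  @impl true
  def call(conn, max_bytes) do
    case get_req_header(conn, "content-length") do
      [value] ->
        case Integer.parse(value) do
          {len, ""} when len >= 0 and len <= max_bytes -> conn
          _ -> reject(conn)   # too large, negative, or not a plain integer
        end

      [] -> conn              # no header (e.g. GET); chunked bodies are capped by Plug.Parsers
      _ -> reject(conn)       # duplicate headers are ambiguous; treat as hostile
    end
  end

  defp reject(conn), do: conn |> send_resp(413, "Payload Too Large") |> halt()
end

defmodule HardenedApp.RateLimit do
  @moduledoc "Fixed-window per-IP counter in ETS (step 2). Hypothetical; old windows are not swept here."
  import Plug.Conn
  @behaviour Plug
  @table :hardened_app_rate_limit

  @impl true
  def init(opts), do: {Keyword.fetch!(opts, :limit), Keyword.fetch!(opts, :window_ms)}

  @impl true
  def call(conn, {limit, window_ms}) do
    ensure_table()
    window = div(System.system_time(:millisecond), window_ms)
    key = {conn.remote_ip, window}
    # Atomically increment the counter, creating the row at 0 if absent.
    count = :ets.update_counter(@table, key, {2, 1}, {key, 0})

    if count > limit do
      conn
      |> put_resp_header("retry-after", Integer.to_string(div(window_ms, 1000)))
      |> send_resp(429, "Too Many Requests")
      |> halt()
    else
      conn
    end
  end

  defp ensure_table do
    if :ets.whereis(@table) == :undefined do
      try do
        :ets.new(@table, [:named_table, :public, :set, write_concurrency: true])
      rescue
        ArgumentError -> :ok   # another process created it first
      end
    end
  end
end

defmodule HardenedApp.Router do
  use Plug.Router

  plug HardenedApp.ContentLengthLimit, max_bytes: 1_000_000
  plug HardenedApp.RateLimit, limit: 100, window_ms: 60_000
  # Defence in depth: cap the bytes actually read, and bound how long a slow
  # client may take to deliver them.
  plug Plug.Parsers,
    parsers: [:urlencoded, :multipart, :json],
    pass: ["*/*"],
    json_decoder: Jason,
    length: 1_000_000,
    read_timeout: 15_000
  plug :match
  plug :dispatch

  get "/", do: send_resp(conn, 200, "Hello, world!")
  post "/echo", do: send_resp(conn, 200, inspect(conn.body_params))
  match _, do: send_resp(conn, 404, "Not found")
end

defmodule HardenedApp.Application do
  @moduledoc "Starts Cowboy with connection timeouts (step 3)."
  use Application

  def start(_type, _args) do
    children = [
      {Plug.Cowboy,
       scheme: :http,
       plug: HardenedApp.Router,
       options: [
         port: 4000,
         protocol_options: [
           idle_timeout: 30_000,    # ms with no data received before the connection is closed
           request_timeout: 10_000  # ms to wait for the next request on a keep-alive connection
         ]
       ]}
    ]

    Supervisor.start_link(children, strategy: :one_for_one, name: HardenedApp.Supervisor)
  end
end
```

The header check runs first so an attacker cannot make the server start reading a multi-gigabyte body that Plug.Parsers would only reject after consuming up to its `length:`; Plug.Parsers still matters because a request with `Transfer-Encoding: chunked` carries no Content-Length and is only bounded by the read cap. Every rejection responds with a small fixed body and halts the pipeline, keeping the defender's cost per malicious request low.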