2021 年第一季 DDoS 攻擊趨勢
Cloudflare 在上週舉辦了開發人員週,我們的團隊紛紛發佈了酷炫的新產品,其中包括一系列對 Workers 的增強。不僅是客戶喜愛使用 Workers 部署應用程式,我們的工程團隊也不例外。Workers 還是我們在 Cloudflare Radar 上發佈的網際網路流量與攻擊趨勢的驅動力量。今天,與這篇深度解析部落格貼文一同面世的還有全新的 Radar DDoS Report 頁面,這是我們在 Jupyter、Clickhouse 和 Workers 基礎上打造的第一個全面自動化資料筆記本。
上個月,我們推出了自發邊緣 DDoS (分散式阻斷服務) 保護系統,也闡釋了這如何做到既能迅速封鎖攻擊又不影響效能。該系統執行於我們網路的邊緣,異步分析流量以免影響效能,並在偵測到攻擊時立即推送內嵌的緩解規則。一切都自發完成,無需集中共識的介入。
今天,我們將分享最新的 DDoS 洞察和趨勢,這源自於我們系統在 2021 年第一季所緩解的攻擊。在分析攻擊時,我們會計算「DDoS 活動」比率,即攻擊流量占總流量 (攻擊 + 乾淨) 的百分比。這樣,我們能夠規範化資料點,並避免出現偏頗,例如,偏向於看到更多流量 (因而發現更多攻擊) 的資料中心。
重點
應用程式層 DDoS 攻擊
- 2021 年第一季,HTTP 攻擊流量百分比最高的國家是中國。位居其後的是美國、馬來西亞和印度。
- 第一季遭受攻擊最多的是電訊產業,其次是消費者服務、安全與調查、網際網路以及加密貨幣。
- 遭受攻擊最多的網際網路設備來自中國、美國和摩洛哥的公司。
網路層 DDoS 攻擊
- 在 Cloudflare 網路上,我們位於盧安達、中國和汶萊的資料中心中觀察到了最高的 DDoS 活動。
- 第一季的所有攻擊中將近 44% 發生在 1 月份。
- 主要新型威脅包括針對 Jenkins 和 TeamSpeak3 伺服器的攻擊,與前一季相比分別增長了 940% 和 203%。
- 其他新型威脅包括 QUIC 版本協商封包洪水,或許意在破壞 Cloudflare 的基礎結構。
應用程式層 DDoS 攻擊
應用程式層 DDoS 攻擊或 HTTP DDoS 攻擊旨在透過使 HTTP 伺服器無法處理請求來摧毀 HTTP 伺服器。如果伺服器受到數量超出其處理能力的請求轟炸,該伺服器會丟棄合法的請求,甚至會崩潰。
DDoS 攻擊活動產業分佈
如果按照客戶所屬市場產業對 DDoS 活動進行細分,可以發現電訊是第一季遭受攻擊最多的產業。與 2020 年第四季排名第六相比,這一次飛躍了一大步。其次是消費者服務產業,安全與調查產業則排名第三。
DDoS 活動來源國家/地區分佈
與網路層攻擊不同,HTTP 攻擊中不能假冒來源 IP。必須要建立連線。透過查詢用戶端來源 IP 的位置,就能確定其來源國家/地區。如果某一國家/地區中 DDoS 活動比率較高,這表示有大型機器人網路在這個國家/地區運作。2020 年第四季和 2021 年第一季,中國均位居榜首,美國則緊隨其後。
DDoS 活動目標國家/地區分佈
為確定哪些國家/地區遭受攻擊最多,我們按客戶的帳單國家/地區細分了 DDoS 活動。與攻擊來源細分類似,中國和美國分別排名第一和第二。有趣的是,印度在上一季將中國從第一位擠下,原因或許是印度大選同樣也在 2020 年第四季舉行。
勒索攻擊
如大家所見,我們的非 Enterprise 方案客戶是 DDoS 攻擊的最大目標。然而,不僅是攻擊的數量較高,這些客戶還報告了最高數量的 DDoS 勒索攻擊 (RDDoS)。2021 年第一季,遭受 DDoS 攻擊的被調查 Cloudflare 客戶中有 13% 報告稱他們要麼被 RDDoS 攻擊勒索,要麼提前收到了威脅。在這些客戶當中,62% 是 Pro 方案客戶,33% 是 Business 方案客戶。這是 2020 年第四季起趨勢的延續,當時被勒索客戶的數量為 17%,其中包括自稱 Lazarus Group 的團夥攻擊了一家財富 500 強公司,這家公司被我們吸納到保護範圍之中。
網路層 DDoS 攻擊
應用程式層攻擊的目標是執行終端使用者嘗試存取的服務的應用程式 (OSI 模型的第 7 層),網路層攻擊則以暴露的網路基礎結構 (例如,嵌入式路由器和其他網路伺服器) 和網際網路連結本身為目標。
攻擊數量
從月份來看,1 月是第一季中攻擊者最忙碌的月份,占該季度觀察到的攻擊總數的 42%。位列其後的是 3 月 (34.2%) 和 2 月 (23.8%)。
不過,我們確實發現第一季最大攻擊的峰值 (300-400 Gbps) 發生在 2 月。
攻擊規模
衡量第 3/4 層 DDoS 攻擊規模有多種不同的方法。一種方法是測量傳送的流量大小,以位元速率為單位 (即,每秒千兆位元)。另一種是測量傳送的封包數,以封包速率為單位 (即,每秒封包數)。高位元速率的攻擊會嘗試使網際網路連結飽和,而高封包速率的攻擊則會使路由器或其他嵌入式硬體裝置不堪負荷。
2021 年第一季觀察到的第 3/4 Continue reading
A Full Circle Journey: Introducing Cloudflare Canada
Pour voir cette publication en français, veuillez cliquer ici.
Today Cloudflare announced that Toronto will be home to Cloudflare’s first Canadian office and team. While I currently live in San Francisco, I was born and raised in Saskatchewan. As a proud Canadian, today feels like a homecoming. Canada has always been an important part of our history and customer base, and I am thrilled to see Cloudflare make a further commitment of expanding officially in the country and opening an office in Toronto. We are hiring a team locally to help our current customers and future customers, and to support even more great Canadian organizations. I wanted to share more about how Cloudflare works with Canadian businesses, what today’s announcement means, and some personal reflections.
How Cloudflare works with Canadian entrepreneurs, businesses, and nonprofits
Cloudflare helps ensure anything connected to the Internet is fast, safe, and reliable. We do this by running a distributed global cloud platform that delivers a broad range of network services to businesses of all sizes—making them more secure, enhancing the performance of anything connected online, and eliminating costs and complexity. We help approximately 25M Internet properties around the world—whether you’re a Canadian entrepreneur trying to Continue reading
Why I’m helping Cloudflare grow in Canada
I am incredibly excited to join Cloudflare as Head of Sales for Canada to expand the company’s growth in the region as part of its mission to help build a better Internet. This is an important milestone for Cloudflare to better serve the needs of our Canadian customers, recruit local talent, and build on the regional successes we’ve had around the globe.
Internet security, privacy, and performance are key drivers for every business, individual, and public sector organization. Universal dependency on the Internet has significantly increased, with web commerce, remote learning, distributed teams, remote work, virtual meetings etc. — and this is all here to stay.
Over the last few years we have seen the industry move from on-premise infrastructure and applications to a cloud-first approach with cloud and SaaS architectures. As this significant and inevitable transition has accelerated, it has introduced new complexities, challenges, and opportunities for organizations with the evolution to heterogeneous environments across public cloud, on-premise, and hybrid deployments.
At the same time, a company’s digital assets (data, web properties, applications, etc.) have become their most valuable assets. How an organization uses the Internet to serve their customers, partners, and employees has become a strategic priority Continue reading
DDoS attack trends for 2021 Q1
Last week was Developer Week at Cloudflare. During that week, our teams released a bunch of cool new products, including a bunch of improvements to Workers. And it's not just our customers that love deploying apps with Workers, but also our engineering teams. Workers is also what powers our Internet traffic and attack trends on Cloudflare Radar. Today, along with this deep-dive analysis blog, we’re excited to announce the new Radar DDoS Report page, our first fully automated data notebook built on top of Jupyter, Clickhouse, and Workers.
Last month, we introduced our autonomous edge DDoS (Distributed Denial of Service) protection system and explained how it is able to drop attacks at wire speed without impacting performance. It runs in our networks’ edge, analyzes traffic asynchronously to avoid impacting performance, and pushes mitigation rules in-line immediately once attacks are detected. All of this is done autonomously, i.e., without requiring centralized consensus.
Today, we’d like to share the latest DDoS insights and trends that are based on attacks that our system mitigated during the first quarter of 2021. When we analyze attacks, we calculate the “DDoS activity” rate, which is the percent of attack traffic out of Continue reading
Entwicklung der DDoS-Bedrohungslandschaft im ersten Quartal 2021
Letzte Woche fand die Cloudflare Developer Week statt – ein willkommener Anlass für unsere Teams, eine Reihe von spannenden neuen Produkten und nicht zuletzt auch einige Verbesserungen für Workers vorzustellen. Die Qualitäten dieser Lösung für den Einsatz von Applikationen wissen übrigens nicht nur unsere Kunden zu schätzen: Das Tool erfreut sich auch bei unseren eigenen Entwicklern großer Beliebtheit. Unter anderem basiert auch unsere Untersuchung von Internet- und Bedrohungstrends mithilfe von Cloudflare Radar auf Workers. Wir freuen uns, dass wir Ihnen heute (zusätzlich zu diesem Blogbeitrag mit detaillierten Analysen zu diesem Thema) unseren neuen Radar DDoS Report präsentieren können, unser erstes komplett automatisiertes Daten-Notebook auf der Grundlage von Jupyter, Clickhouse und Workers.
Letzten Monat stellten wir unser autonomes, am Netzwerkrand (Edge) betriebenes Schutzsystem gegen DDoS-Angriffe (Distributed Denial of Service) vor und erläuterten, wie es mit dieser Lösung gelingen kann, Attacken verzögerungsfrei und ohne Performance-Einbußen abzuwehren. Dieses System vermeidet Leistungsabfälle durch eine asynchrone Analyse des Datenverkehrs und leitet bei Angriffen sofort und direkt im Datenstrom Gegenmaßnahmen ein. All dies geschieht autonom am Netzwerkrand, eine separate Prüfung über eine zentrale Stelle ist nicht nötig.
Heute möchten wir Sie nun auf der Grundlage der Angriffe, die unsere Systeme im ersten Quartal 2021 abwehren Continue reading
Cloudflare’s Partnership with HashiCorp and Bootstrapping Terraform with Cf-Terraforming
Cloudflare and HashiCorp have been technology partners since 2018, and in that time Cloudflare’s integration with HashiCorp’s technology has deepened, especially with Terraform, HashiCorp’s infrastructure-as-code product. Today we are announcing a major update to our Terraform bootstrapping tool, cf-terraforming. In this blog, I recap the history of our partnership, the HashiCorp Terraform Verified Provider for Cloudflare, and how getting started with Terraform for Cloudflare developers is easier than ever before with the new version of cf-terraforming.
Cloudflare and HashiCorp
Members of the open source community wrote and supported the first version of Cloudflare's Terraform provider. Eventually our customers began to bring up Terraform in conversations more often. Because of customer demand, we started supporting and developing the Terraform provider ourselves. You can read the initial v1.0 announcement for the provider here. Soon after, Cloudflare’s Terraform provider became ‘verified’ and we began working with HashiCorp to provide a high quality experience for developers.
HashiCorp Terraform allows developers to control their infrastructure-as-code through a standard configuration language, HashiCorp Configuration Language (HCL). It works across a myriad of different types of infrastructure including cloud service providers, containers, virtual machines, bare metal, etc. Terraform makes it easy for developers to follow Continue reading
Containers at the edge: it’s not what you think, or maybe it is
At Cloudflare, we’re committed to making it as easy as possible for developers to make their ideas come to life. Our announcements this week aim to give developers all the tools they need to build their next application on the edge. These include things like static site hosting, certificate management, and image services, just to name a few.
Today, we’re thrilled to announce that we’re exploring a new type of service at the edge: containers.
This announcement will be exciting to some and surprising to many. On this very blog, we’ve talked about why we believe isolates — rather than containers on the edge — will be the future model for applications on the web.
Isolates are best for Distributed Systems
Let us be clear: isolates are the best way to do edge compute, period. The Workers platform is designed to allow developers to treat our global network as one big computer. This has been a long-held dream of generations of engineers, inspiring slogans like "The Network is the Computer" — a trademark which, incidentally, we now own. Isolates and Durable Objects are finally making that vision possible.
In short, isolates excel at distributed systems. They are perfect for Continue reading
Announcing Cloudflare’s Database Partners
Cloudflare Workers is the easiest way for developers to deploy their application’s code with performance, scale and security baked in. No configuration necessary. Worker code scales to serve billions of requests close to your users across Cloudflare’s 200+ data centers.
But that’s not the only interesting problem we need to solve. Every application has two parts: code and state.
State isn’t always the easiest to work in a massive distributed system. When an application runs in 200+ data centers simultaneously, there’s an inherent tradeoff between distributing the data for better performance, availability, scale, and guaranteeing that all data centers see the same data at a given point in time.
Our goal is to make state at the edge seamless. We started that journey with Workers KV, which provides low-latency access to globally distributed data. We’re since added Durable Objects, with strong consistency and the ability to design coordination patterns on top of Workers. We’re continuing to invest in and build out these products.
However, some use cases aren’t easily implemented with Workers KV or Durable Objects. Think querying complex datasets, or communicating with an existing system-of-record. Even if we built this functionality ourselves, there will always be customers who want Continue reading
Cloudflare Stream now supports NFTs
Cloudflare Stream has been helping creators publish their videos online without having to think about video quality, device compatibility, storage buckets or digging through FFmpeg documentation. These creators want to be able to claim ownership of their works and assert control over how that ownership claim is transferred. Increasingly, many of those creators are looking to Non-Fungible Tokens (NFTs).
NFTs are a special type of smart contract that allows provable ownership of the contract on the blockchain. Some call NFTs collectibles because like coins or stamps, collectors who enjoy them buy, sell and trade them. Collectors keep track of NFTs on the Ethereum blockchain which acts as a shared source of truth of all the activity.
Today, we’re introducing a new API that takes a ERC-721 token ID and contact address and sets it on a video so every video on Stream can be represented with an NFT.
curl -X POST -H "Authorization: Bearer $AUTH_TOKEN" --data '{"contract":"0x57f1887a8bf19b14fc0d912b9b2acc9af147ea85","token":"5"}' https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/stream/$VIDEO_ID/nft
Once you set it, you cannot change these values so be sure to set it to an NFT you own! If you set a video you own to an NFT you don’t own, the owner of the NFT can claim Continue reading
Node.js support in Cloudflare Workers
We released Cloudflare Workers three years ago, making edge compute accessible to the masses with native support for the world’s most ubiquitous language — JavaScript.
The Workers platform has transformed so much since its launch. Developers can not only write sandboxed code at our edge, they can also store data at the edge with Workers KV and, more recently, coordinate state within our giant network using Durable Objects. Now, we’re excited to share our support of an 11 year old technology that’s still going strong: Node.js.
Node.js made a breakthrough by enabling developers to build both the frontend and the backend with a single language. It took JavaScript beyond the browser and into the server by using Chrome’s JavaScript engine, V8.
Workers is also built on V8 Isolates and empowers developers in a similar way by allowing you to create entire applications with only JavaScript — except your code runs across Cloudflare’s data centers in over 100 countries.
Our Package Support Today
There is nothing more satisfying than importing a library and watching your code magically work out-of-the-box.
For over 20k packages, Workers supports this magic already: any Node.js package that uses webpack or another polyfill Continue reading
Introducing workers.new, custom builds, and improved logging for Workers
Cloudflare Workers® aims to be the easiest and most powerful platform for developers to build and deploy their applications. With Workers, you can quickly solve problems without having to wonder: “is this going to scale?”
You write the JavaScript and we handle the rest, from distribution to scaling and concurrency.
In the spirit of quickly solving problems, we’re excited to launch three new improvements to the Workers experience, so you can take your next idea and ship it even faster.
Introducing... workers.new
First, we’re introducing https://workers.new, a shortcut that takes you directly to a JavaScript editor for creating a new Worker. Anytime you have a cool idea, need a quick fix to a problem, or just want to debug some JavaScript, you now have a simple way to go from idea to prototype. What’s more is you don’t even need to deploy the Worker to try it out!
We’ve also updated the default Worker template to help you go a few steps beyond the typical “Hello, World!”. When you open the editor, you’ll now see a few examples that demonstrate how to redirect requests, modify headers, and parse responses.
Customize your build scripts
For developers Continue reading
A Boring Announcement: Free Tunnels for Everyone
A few months ago, we announced that we wanted to make Zero Trust security accessible to everyone, regardless of size, scale, or resources. Argo Tunnel, our secure method of connecting resources directly to Cloudflare, is the next piece of the puzzle.
Argo Tunnel creates a secure, outbound-only connection between your services and Cloudflare by deploying a lightweight connector in your environment. With this model, your team does not need to go through the hassle of poking holes in your firewall or validating that traffic originated from Cloudflare IPs.
In the past, Argo Tunnel has been priced based on bandwidth consumption as part of Argo Smart Routing, Cloudflare’s traffic acceleration feature. Starting today, we’re excited to announce that any organization can use the secure, outbound-only connection feature of the product at no cost. You can still add the paid Argo Smart Routing feature to accelerate traffic.
As part of that change (and to reduce confusion), we’re also renaming the product to Cloudflare Tunnel. To get started, sign up today.
If you’re interested in how and why we’re doing this, keep scrolling.
A Private Link to the Public Internet
In 2018, Cloudflare introduced Argo Tunnel, a private, secure connection between your origin Continue reading
Bringing AI to the edge with NVIDIA GPUs
Cloudflare has long used machine learning for bot detection, identifying anomalies, customer support and business intelligence. And internally we have a cluster of GPUs used for model training and inference.
For even longer we’ve been running code “at the edge” in more than 200 cities worldwide. Initially, that was code that we wrote and any customization was done through our UI or API. About seven years ago we started deploying custom code, written in Lua, for our enterprise customers.
But it’s quite obvious that using a language that isn’t widely understood, and going through an account executive to get code written, isn’t a viable solution and so four years ago we announced Cloudflare Workers. Workers allows anyone, on any plan, to write code that gets deployed to our edge network. And they can do it in the language they choose.
After launching Workers we added storage through Workers KV as programs need algorithms plus data. And we’ve continued to add to the Workers platform with Workers Unbound, Durable Objects, Jurisdictional Restrictions and more.
But many of today’s applications need access to the latest machine learning and deep learning methods. Those applications need three things: to scale easily, Continue reading
Expanding the Cloudflare Workers Observability Ecosystem
One of the themes of Developer Week is “it takes a village”, and observability is one area where that is especially true. Cloudflare Workers lets you quickly write code that is infinitely scalable — no availability regions, no scaling policies. Your code runs in every one of our data centers by default: region Earth, as we like to say. While fast time to market and effortless scale are amazing benefits, seasoned developers know that as soon as your code is in the wild… stuff happens, and you need the tools in place to investigate, diagnose, fix and monitor those issues.
Today we’re delighted to add to our existing analytics partners. We’re announcing new partnerships with six observability-focused companies that are deeply integrated into the Cloudflare Workers ecosystem. We’re confident these partnerships will provide immediate value in building the operational muscle to maintain and make your next generation of applications fast, secure and bullet-proof in production.
console.log(`Got request. Extracted name=${name}. Saving…`);
Cloudflare wrangler gives you the ability to generate, configure, build, preview and publish your projects, from the comfort of your dev environment. Writing code in your favorite IDE with a fully-fledged CLI tool that also allows you to simulate Continue reading
Location-based personalization at the edge with Cloudflare Workers
We’re excited to announce an update to Cloudflare Workers, our serverless code platform built on our global network. Geolocation data is now accessible and free for all developers on our Workers platform, including users on the free plan!
You can now serve personalized experiences for users based on their location using Workers. Personalization is critical to building intuitive apps for users and it unlocks new possibilities for what you can build on our platform. Whether you’re building a social networking app or an automatic shipping cost estimator for an e-commerce site, a one-size-fits-all experience doesn’t cut it. Location-based personalization helps you show what’s most relevant to your users, be it tickets for movies in their area or content in their local language.
With geolocation data available on the server side, there’s no configuration needed for users to set their location.
Each request to a Worker includes the user’s (example data shown):
- Country: “US”
- City: “Austin”
- Continent: “NA”
- Latitude: "30.27130"
- Longitude: “-97.74260”
- Postal code: "78701"
- Metro code(dma): “635”
- Region: “Texas”
- Timezone: “America/Chicago”
Geolocation data on Workers makes it even easier to build server rendered apps and customized services.
Refer to the documentation to learn more.
In case you need Continue reading
Developer Challenges
Welcome to Developer Week at Cloudflare! We are excited to announce we are running a series of Developer Challenges throughout the week to give you the excuse you needed to play with all our new features.
Between now and April 19 you’ll get to know the Cloudflare developer tools and walk away with a fun new app (or five) to your name. You’ll also become a part of the Cloudflare Developer community!
We hope that some of you will be inspired to create your next project using Cloudflare Workers, Workers KV, Pages, Durable Objects and all the developer-focussed products that Cloudflare offers. There’s already a vibrant community building applications using the Workers ecosystem; we hope the Developer Challenges inspire you to build on Cloudflare.
What are Developer Challenges?
We know that some people are new to the Cloudflare services for developers and that some of you have been using them for a while, so we have come up with two streams of challenges.
If you’re just getting started with Cloudflare, there will be a new challenge each day of the week that will help you level up your knowledge in no time. There’s also an extra bonus challenge Continue reading
Cloudflare Pages is now Generally Available
In December, we announced the beta of Cloudflare Pages: a fast, secure, and free way for frontend developers to build, host, and collaborate on Jamstack sites.
It’s been incredible to see what happens when you put a powerful tool in developers’ hands. In just a few months of beta, thousands of developers have deployed over ten thousand projects, reaching millions of people around the world.
Today, we’re excited to announce that Cloudflare Pages is now available for anyone and ready for your production needs. We’re also excited to show off some of the new features we’ve been working on over the course of the beta, including: web analytics, built in redirects, protected previews, live previews, and optimized images (oh, my!). Lastly, we’ll give you a sneak peek into what we'll be working on next to make Cloudflare Pages your go-to platform for deploying not just static sites, but full-stack applications.
What is Cloudflare Pages?
Cloudflare Pages radically simplifies the process of developing and deploying sites by taking care of all the tedious parts of web development. Now, developers can focus on the fun and creative parts instead.
Seamless builds for developers
Getting started with Cloudflare Pages is as Continue reading
Live stream to multiple platforms with Stream Connect
Today, we are announcing the Stream Connect beta, the first step towards supporting end-to-end live broadcasting on Cloudflare. You can use Stream Connect to push RTMPS feeds to the Cloudflare edge and have it restreamed to your audience on any platform that supports RTMPS such as Facebook, YouTube and Twitch.
What is restreaming?
Facebook, YouTube and Twitch are great platforms for creators to broadcast live video to reach billions. They each have their own unique communities and benefits for creators. If you have a band and want to broadcast a live performance for your fans, broadcasting to only one platform limits your reach. Restreaming enables you to push the live video to multiple platforms at the same time so you can meet your fans on their preferred platform.
Live video platforms accept incoming connections using a protocol called RTMP or RTMPS. Stream Connect allows you to continue using the same protocol as before. However, instead of using your local connection to send the video feed to multiple platforms, you only send it to Stream Connect. Connect uses the Cloudflare network to send your live feed to the configured media platforms.
How Stream Connect increases reliability and lowers latency
Eliminating the Continue reading
Developers, Developers, Developers: Welcome to Developer Week 2021
Runtimes, serverless, edge compute, containers, virtual machines, functions, pods, virtualenv. All names for things developers need to go from writing code to running code. It’s a painful reality that for most developers going from code they’ve written to code that actually runs can be hard.
Excruciatingly, software development is made hard by dependencies on modules, by scaling, by security, by cost, by availability, by deployment, by builds, and on and on. All the ugly reality of crystallizing thoughts into lines of code that actually run, successfully, somewhere, more than once, non-stop, and at scale.
And so… Welcome to Developer Week 2021!
Like we have done in previous Innovation Weeks (such as Security Week or Privacy Week), we will be making many (about 20) announcements of products and features to make developers’ lives easier. And by easy I mean removing the obstacles that stop you, dear developer, from writing code and deploying it so it scales to Internet size.
And Cloudflare Workers, our platform for software developers who want to deploy Internet-facing applications that start instantly and scale Internetly, has been around since 2017 (or to put it in perspective, since iPhone 8) and helping developers code and deploy in seconds Continue reading
Per Origin Host Header Override
Load Balancing as a concept is pretty straightforward. Take an existing infrastructure and route requests to the available origin servers so no single server is overwhelmed. Add in some health monitoring to ensure each server has a heartbeat/pulse so proactive decisions can be made. With two steps, you get more effective utilization of your existing resources… simple enough!
As your application grows, however, load balancing becomes more complicated. An example of this — and the subject of this blog post — is how load balancing interacts with the Host header in an HTTP request.
Host headers and load balancing
Every request to a website contains a unique piece of identifying information called the Host header. The Host header helps route each request to the correct origin server so the end user is sent the information they requested from the start.
For example, say that you enter example.com into my URL bar in my browser. You are sending a request to ‘example.com’ to send you back the homepage located within that application. To make sure you actually get resources from example.com, your browser includes a Host header of example.com. When that request reaches the back-end infrastructure, Continue reading