Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve performance for ACL #113

Merged
merged 3 commits into from
Jul 18, 2024
Merged

Improve performance for ACL #113

merged 3 commits into from
Jul 18, 2024

Conversation

Mygod
Copy link
Contributor

@Mygod Mygod commented Feb 12, 2024

See also #110.

1. What does this change do, exactly?

Skip DNS lookup if there are no IP ACL rules. This also in some sense mitigates DoS attacks by flooding servers with a lot of denied hostnames, which could lead to overloading the DNS services.

Requesting an invalid disallowed hostname will also now return 403 correctly instead of 502.

2. Please link to the relevant issues.

N/A

3. Which documentation changes (if any) need to be made because of this PR?

None.

4. Checklist

  • I have written tests and verified that they fail without my change
  • I made pull request as minimal and simple as possible. If change is not small or additional dependencies are required, I opened an issue to propose and discuss the design first
  • I have squashed any insignificant commits
  • This change has comments for package types, values, functions, and non-obvious lines of code

@Mygod
Improve performance for ACL
43c3ee2 
This also in some sense mitigates DoS attacks by flooding servers with a lot of denied hostnames, which could lead to overloading the DNS services.
mholt
mholt approved these changes Feb 12, 2024
View reviewed changes
Copy link
Member

@mholt mholt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't tested this, but if it works properly, LGTM.

@mholt
Copy link
Member

mholt commented Jul 5, 2024

@gaby Think this is good to be merged?

@gaby
Copy link
Collaborator

gaby commented Jul 16, 2024

@mholt Yes, looks good

@mholt mholt merged commit 02be81e into caddyserver:master Jul 18, 2024
6 of 7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mholt mholt mholt approved these changes

@gaby gaby gaby approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Mygod @mholt @gaby