Does Caddy have mitigations against Rapid Reset DDOS attacks?

Saw the above and thought it was interesting; flaws in HTTP2 enabling these attack vectors. It made me wonder if Caddy has any protections against this sort of thing?

1 Like

Looks like golang released 1.21.3 which includes this fix, at least for net/http.

1 Like

See here:

We’ll cut a release shortly with the fix.

1 Like

Thanks for the hard work all, it’s appreciated.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.