525 SSL handshake error

While experiencing a layer 7 DDoS, some connections drop with a 525 error.
I am using Ubuntu 18.10, nginx, and SSL between Cloudflare and nginx.

Do you know what should be tuned to fix this problem?

I’m going to take a wild guess that the server’s suffering from the DDoS and can’t maintain SSL connections. Hopefully you can slow down the attack:

Thank you for such a quick response.
This is a good idea, however, not in my case. I am running an API service and cannot run JS challenge verification.

I increased “worker_connections” in nginx, maybe this is the way to go.

If it’s an endpoint purely for API that’s being attacked, you may be able to create a Firewall Rule to exclude anything that doesn’t match an API connection (UserAgent, Request Method, etc.)
