DDoS Attack using <object> Tag

For the last few days, a 502 Bad request error has been occurring on my site. I came across an unusual URL while going through the logs.

The referer is http://attacksexmaple.com/ajax.php, and the page= value in the address changes randomly whenever it is refreshed.

The view-source: output is shown below.

There are about 700 tags on the exploit page that attack my site, and the server is overloaded because the 700 page= numbers change whenever I access the site.

It is inserted into the attacker's homepage, so general users become attackers without intending to, and the site is battered by DDoS attacks.

Tens of thousands of log entries pile up, the 502 Bad request error occurs, and accept4() failed (24: Too many open files) appears in the nginx error log.

At present, we fend off the attack with Cloudflare's DDoS anti-exploit page, which delays loading for 5 seconds.

Are there any ways to fend off a DDoS attack like the one below?

The server configuration is Ubuntu 18.04 / nginx+naxsi / php7.0 / mariadb.

Because of the tag content="no-referrer", the referer does not show up and we cannot block the access by referer.

The referer shows up only on the few browsers which cannot get the tag content="no-referrer", and 10% of all DDoS access is not available.


<!DOCTYPE html>
<meta name="referrer" content="no-referrer">
<div style='display:none;'>

<object type="text/html" width="0" height="0" data="https://myexample.com/bbs/bbs.php?v=45852823"></object>

if(parent.frames.length <= 0) { top.location.href='https://www.attackersite.org'; }
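
One way to handle this on the nginx side, given as an added example that is not part of the original post: raise the descriptor limit behind the accept4() error, drop cross-site embedded loads using the Fetch Metadata headers that browsers still send when the Referer is suppressed, and cap requests per client. The zone names, rates, document root, listener and PHP-FPM socket path are assumptions to adapt.

```nginx
# Added example. Zone names, rates, root, listener and socket path are assumptions.
worker_processes auto;
worker_rlimit_nofile 65535;      # lifts the limit behind "accept4() failed (24: Too many open files)"

events {
    worker_connections 8192;     # a request can hold two descriptors (client + PHP-FPM)
}

http {
    # <meta name="referrer" content="no-referrer"> hides the Referer, but browsers
    # that implement Fetch Metadata still send Sec-Fetch-Site and Sec-Fetch-Dest.
    map "$http_sec_fetch_site:$http_sec_fetch_dest" $cross_site_embed {
        default             0;
        "cross-site:object" 1;   # <object data="..."> hosted on another site
        "cross-site:embed"  1;
        "cross-site:iframe" 1;
    }

    # One embedding page makes a single visitor send about 700 requests, so a
    # per-client budget cuts the burst even though the visitors are many.
    limit_req_zone  $binary_remote_addr zone=bbs_req:20m rate=5r/s;
    limit_conn_zone $binary_remote_addr zone=bbs_conn:20m;

    server {
        listen 80;               # TLS listener and certificates omitted
        server_name myexample.com;
        root /var/www/html;

        location = /bbs/bbs.php {
            if ($cross_site_embed) {
                return 444;      # close the connection without sending a response
            }
            limit_req  zone=bbs_req burst=10 nodelay;
            limit_conn bbs_conn 10;
            limit_req_status  429;
            limit_conn_status 429;

            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }
    }
}
```

Behind Cloudflare, $binary_remote_addr is the Cloudflare edge address unless the real_ip module (set_real_ip_from with Cloudflare's published ranges, real_ip_header CF-Connecting-IP) restores the visitor address, so configure that before relying on the per-client limits. Browsers without Fetch Metadata support send neither header and are covered only by the rate and connection limits.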

