AWS auto scalling DDOS

Even if AWS auto scalling is present can my web application still be vulnerable to DDOS by Brute forcing on login page?

I got a 504 Gateway time out error. I suspect this may be due to application level DOS.

2 Likes

There is nothing to distinguish between real traffic and non-real traffic, That’s why autoscaling won’t recognize a DDOS attack, and for the 504 Gateway time out error message Check the configurations on your firewall, security groups, and origin server to identify the source of the errors

3 Likes
  • If you have auto scaling enabled and face a DDOS you’d probably go bankrupt because of the AWS bill.
  • As far as Application level DOS is concerned you should enforce rate limiting on endpoints.
  • If you’re really concerned about DDOS you should use a service like cloudflare.
  • It would also be great if you could provide more architectural details of your application.
2 Likes

hmmm great!! i can teach more about this topic