Protecting the Web at a scale using consul and Elk Безопасность
Left brainer with passion about snowboarding, sailing, free-diving, kite-surfing, wake-boarding, surfing, traveling, adrenaline, good company and good reads.
I have been playing with computers for more than a decade after watching Angelina Jolie in “Hackers”. Before her, I only remember the "Moon patrol" game.
Brute-force attacks against web based applications are on the raise.
You will be presented with an architecture built on top of ELK (https://www.elastic.co/products) and consul (https://www.consul.io/) that is capable of reliably detecting, analysing and mitigating large scale brute-force attacks against Wordpress, Drupal, Magento and Joomla based web sites in near real time.
With little modifications the same architecture can be applied to solve similar problems.
Open source web applications such as WordPress, Drupal, Magento, Joomla etc. are extremely popular and building major part of the Web as we know it today - more than 25%. SiteGround alone is hosting more than 600000 websites based on those platforms.
Being so popular and easy to use, those applications are under constant threat of being exploited, cracked, misused and private data stolen from them.
In recent years waves of brute-force attacks are targeting sites based on those platform, leading to compromise of huge number of web sites and unknown amount of data being leaked to the dark net.
While it is hard to achieve perfect security in multi-tenant and multi-user environment, the presented system built on top of consul and Elk is capable of successfully mitigating those attacks, rendering them useless in a meaningful time-frame.