
Traffic Spike Alert Webhook API Allow Custom Respond Logic #83

Hello CloudCone, I currently have my personal blog and API server deployed on CloudCone Compute Instance(s).

Being concerned about a sudden rise in bandwidth traffic and computer resource usage (such as CPU usage, memory usage and number of running processes) due to unexpected DDoS attacks, HTTP flood attacks or any type of malicious brute-force attack, I would expect an elegant and flexible way to handle such a situation and make appropriate response(s) based on the consequences in time, before it is too late, for example, before the attack has exhausted all my bandwidth quota.

Hereby, I recommend a mechanism called “webhook” to solve the above situation. Concretely, I can set up a webhook by simply making a POST to /api/v1/setUpWebhook:

const axios = require("axios");

let cloudconeAPIEndPoint = "https://api.cloudcone.com/api/v1";

let client = axios.create({
    "baseURL": cloudconeAPIEndPoint,
    "headers": { "Content-Type": "application/json" }
});

// URL that should receive the update objects
let webhookURL = "https://webhook.api.mydomain.com/cloudcone/secretPath";

// /setUpWebhook is the endpoint proposed in this request
client.post("/setUpWebhook", {
    "url": webhookURL,
    "concernedAbout": [] // list of event types, empty list means any event
}).then(r => r.data).then(d => console.log(d)).catch(console.error);

By running the above code I register a webhook at CloudCone, so that when anything happens, CloudCone will POST an update object to webhookURL, i.e. "https://webhook.api.mydomain.com/cloudcone/secretPath". Say that I already have a web server listening on this path for POST requests:

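const express = require("express");

let app = express();
app.use(express.json()); // parse the JSON update object into req.body

app.post(
    "/cloudcone/secretPath",
    (req, res) => onUpdateFromCloudConeWebhook(req, res)
);

// app.listen(...)

// Hypothetical threshold: the proposal does not define the scale of update.resource.usage
const USAGE_LIMIT = 90;

// Placeholder mailer so the example runs; replace with a real mail client
function sendEmailTo(address, text) {
    console.log("mail to " + address + ": " + text);
}

function onUpdateFromCloudConeWebhook(req, res) {
    console.log("Someone is DDOS attacking your cloudcone server / CDN !");
    console.log("They are exhausting out your machine resources!");
    sendEmailTo("myEmailAddress@example.com", "alert from cloudcone....");

    let update = req.body;

    sendEmailTo("myEmailAddress@example.com", JSON.stringify(update, null, 4));

    // "usage is too big and too high", expressed as a comparison against the threshold
    if (update && update.resource && update.resource.usage > USAGE_LIMIT) {
        console.log("attacking is too fierce, we shutting your machine down...");
        // send request to https://api.cloudcone.com/api/v1/compute/:id/shutdown to shut down the machine
    }

    // send alert to my Telegram...

    // send alert to my SMS...

    // even phonecall me if the attack is too strong...

    res.statusCode = 200;
    res.end('');
}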

Above is some example code for “handling an attack alert by webhook”; for example, I can just send myself an email or shut down the machine. Enriching the code, we can make it smarter, so that it will be able to make smarter emergency responses based on the situation at that time.

What do you think?

4 years ago
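
Added example, not part of the original post and not CloudCone code: the handler in the post acts on any POST that reaches the secret path, including its shutdown branch, so a receiver would normally authenticate each delivery before responding. It assumes a hypothetical HMAC-SHA256 signature over the raw body plus `id` and `timestamp` fields in the update, none of which the post or any CloudCone API defines.

```javascript
// Added example: authenticate a webhook delivery before acting on it.
// Assumptions (not a documented CloudCone API): the sender signs the raw
// request body with HMAC-SHA256 using a shared secret, and the update carries
// "id" and "timestamp" (ms) fields next to the post's update.resource.usage.
const crypto = require("crypto");

const MAX_AGE_MS = 5 * 60 * 1000; // reject deliveries older than 5 minutes
const USAGE_LIMIT = 90;           // hypothetical threshold for shutdown

function sign(secret, rawBody) {
    return crypto.createHmac("sha256", secret).update(rawBody).digest("hex");
}

function signatureIsValid(secret, rawBody, signatureHex) {
    const expected = Buffer.from(sign(secret, rawBody), "hex");
    const given = Buffer.from(String(signatureHex || ""), "hex");
    // timingSafeEqual throws on a length mismatch, so compare lengths first
    return given.length === expected.length && crypto.timingSafeEqual(given, expected);
}

// Returns "reject", "notify" or "shutdown"; seenIds is a Set of handled delivery ids
function decideResponse(secret, rawBody, signatureHex, nowMs, seenIds) {
    if (!signatureIsValid(secret, rawBody, signatureHex)) return "reject";
    let update;
    try { update = JSON.parse(rawBody); } catch (e) { return "reject"; }
    if (!update || typeof update !== "object") return "reject";
    if (typeof update.timestamp !== "number" ||
        Math.abs(nowMs - update.timestamp) > MAX_AGE_MS) return "reject"; // stale
    if (typeof update.id !== "string" || seenIds.has(update.id)) return "reject"; // replayed
    seenIds.add(update.id);
    const usage = update.resource && update.resource.usage;
    return typeof usage === "number" && usage > USAGE_LIMIT ? "shutdown" : "notify";
}

// Constructed sample delivery (all values are made up for this example)
const SECRET = "constructed-demo-secret";
const NOW = 1700000000000;
const sampleBody = JSON.stringify({ id: "evt-1", timestamp: NOW, resource: { usage: 97 } });
const seen = new Set();
console.log(decideResponse(SECRET, sampleBody, sign(SECRET, sampleBody), NOW, seen));       // first delivery
console.log(decideResponse(SECRET, sampleBody, sign(SECRET, sampleBody), NOW, seen));       // same id again
console.log(decideResponse(SECRET, sampleBody, sign("wrong", sampleBody), NOW, new Set())); // bad signature
```

In an Express receiver the signature must be computed over the raw request bytes, so capture them before the JSON parser replaces them with an object.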