HTTP/2 Rapid Reset Attack Impacting NGINX Products
www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
Double check your nginx config.
Mod Edit for context follows.
This blog post centers on a vulnerability that was recently discovered related to the HTTP/2 protocol. Under certain conditions, this vulnerability can be exploited to execute a denial-of-service attack on NGINX Open Source, NGINX Plus, and related products that implement the server-side portion of the HTTP/2 specification. To protect your systems from this attack, we’re recommending an immediate update to your NGINX configuration. ….
Read more here: Source link