CPDoS attack makes pages served through a CDN unavailable

Researchers from the University of Hamburg and the University of Cologne have developed a new attack technique against content delivery networks and caching proxies: CPDoS (Cache-Poisoned Denial-of-Service). The attack makes it possible to deny access to a page by poisoning the cache.

The problem is that CDN caches store not only successful responses, but also situations in which the HTTP server returns an error. As a rule, when a server has trouble processing a request it returns a 400 (Bad Request) error; the only exception is IIS, which returns a 404 (Not Found) error for oversized headers. The standard only allows errors with the codes 404 (Not Found), 405 (Method Not Allowed), 410 (Gone) and 501 (Not Implemented) to be cached, but some CDNs also cache responses with code 400 (Bad Request), depending on the request that was sent.

Attackers can make the origin server return a "400 Bad Request" error by sending a request whose HTTP headers are formed in a particular way. These headers are not taken into account by the CDN, so the error response for the page is cached, and all other users' requests made before the cache entry expires receive the error, even though the origin site serves the content without any problems.

Three attack variants are proposed for forcing the HTTP server to return an error:

  • HMO (HTTP Method Override) - an attacker can override the original request method through the "X-HTTP-Method-Override", "X-HTTP-Method" or "X-Method-Override" headers, which are supported by some servers but not taken into account by the CDN. For example, the original "GET" method can be changed to the "DELETE" method, which is forbidden on the server, or to the "POST" method, which is not applicable to static content;

  • HHO (HTTP Header Oversize) - an attacker can choose a header size that exceeds the limit of the origin server but still falls within the CDN's limits. For example, Apache httpd limits the header size to 8 KB, while the Amazon CloudFront CDN allows headers of up to 20 KB;

  • HMC (HTTP Meta Character) - an attacker can insert special characters (\n, \r, \a) into the request, which the origin server treats as invalid but which the CDN ignores.

The CDN most exposed to the attack was CloudFront, used by Amazon Web Services (AWS). Amazon has since fixed the problem by disabling error caching, but it took the researchers more than three months to get the protection added. The issue also affected Cloudflare, Varnish, Akamai, CDN77 and Fastly, but attacks through them are limited to origin servers running IIS, ASP.NET, Flask and Play 1. It is noted that 11% of the domains of the United States Department of Defense, 16% of the URLs in the HTTP Archive database and about 30% of the top 500 websites ranked by Alexa could be attacked.

As a way of blocking the attack on the site side, you can use the "Cache-Control: no-store" header, which forbids caching of the response. In some CDNs, for example CloudFront and Akamai, error caching can be disabled at the level of the profile settings. For protection, a web application firewall (WAF) can also be used, but it must be deployed on the CDN side in front of the caching servers.
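The origin-side mitigation just described, as an added example that is not part of the article: a standard-library-only Python WSGI middleware (it would sit in front of a Flask app as well) that stamps "Cache-Control: no-store" onto every 4xx/5xx response, next to a small model of the CDN caching decision the article describes. The origin app, its 8 KB header limit and the X-Padding header are constructed for the demonstration, not taken from the research.

```python
# Error codes the standard lets a shared cache store by default (from the article).
STANDARD_CACHEABLE_ERRORS = {404, 405, 410, 501}

def cdn_would_cache(status_code, headers, caches_400=False):
    """Model of the CDN decision: an explicit no-store always wins; otherwise 2xx
    and the standard error codes are stored, and 400 only on a CDN that (like
    some described in the article) also caches Bad Request responses."""
    cc = {k.lower(): v for k, v in headers}.get("cache-control", "")
    if "no-store" in cc.lower():
        return False
    return (200 <= status_code < 300 or status_code in STANDARD_CACHEABLE_ERRORS
            or (status_code == 400 and caches_400))

class NoStoreErrors:
    """WSGI middleware: forces 'Cache-Control: no-store' onto every 4xx/5xx
    response so a poisoned error page can never be stored by the CDN."""
    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        def patched(status, headers, exc_info=None):
            if int(status.split(" ", 1)[0]) >= 400:
                headers = [(k, v) for k, v in headers if k.lower() != "cache-control"]
                headers.append(("Cache-Control", "no-store"))
            return start_response(status, headers, exc_info)
        return self.app(environ, patched)

MAX_HEADER_BYTES = 8 * 1024  # constructed origin limit, like Apache httpd's 8 KB

def origin_app(environ, start_response):
    """Constructed origin: serves a cacheable static page, but answers 400 when
    the (hypothetical) X-Padding header exceeds the limit, i.e. the HHO case."""
    if len(environ.get("HTTP_X_PADDING", "")) > MAX_HEADER_BYTES:
        start_response("400 Bad Request", [("Content-Type", "text/plain")])
        return [b"header too large"]
    start_response("200 OK", [("Content-Type", "text/html"),
                              ("Cache-Control", "public, max-age=3600")])
    return [b"<h1>hello</h1>"]

def run(app, environ):
    """Invoke a WSGI app in-process and return (status_code, headers)."""
    captured = {}
    def start_response(status, headers, exc_info=None):
        captured["status"] = int(status.split(" ", 1)[0])
        captured["headers"] = list(headers)
    b"".join(app(environ, start_response))  # drain the body
    return captured["status"], captured["headers"]
```

Running the bare origin against the oversized request yields a 400 that a 400-caching CDN would store; wrapped in NoStoreErrors the same 400 carries no-store and is never cached, while the 200 page stays cacheable.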

Source: opennet.ru
