A POST flood DDoS attack is an application layer (Layer 7) DDoS attack method. Web applications use POST requests to make legitimate requests for server resources, such as during a form submission. An HTTP POST request is a method that submits data in the body of the request to be processed by the server. For example, a POST request takes the information in a form and encodes it, then posts the content of the form to the server.
An HTTP POST flood is a type of DDoS attack in which the volume of POST requests overwhelms the server so that the server cannot respond to them all. This can result in exceptionally high utilization of system resources and consequently crash the server. An HTTPS POST flood DDoS attack is an HTTP POST flood sent over an SSL session. Due to the use of SSL it is necessary to decrypt this request in order to inspect it. Learn more about the DDoS attack trends, including use of POST flood DDoS attacks in the latest State of the Internet – Security report.
The Amos POST flood script is PHP code that was popular during the itsoknoproblembro DDoS campaigns. The Amos PHP script launches Layer 7 application attacks against targets that originate from web compromised web servers. The Amos POST flood PHP script is sent as encoded content within a request to an infected server, and once the script executes it begins a POST flood against the target. Learn more about how to stop DDoS attacks involving the itsoknoproblembro DDoS toolkit.