HTTP/2 Rapid Reset Response: SiteGround's Immediate Action Against a New Vulnerability


Post by nurnobi90 »

In the fast-paced world of cybersecurity, it is not uncommon to encounter new challenges. Recently, a new vulnerability was discovered, called the “HTTP/2 Rapid Reset” attack. Since HTTP/2 is considered a relatively new protocol, we see more modern and smarter ways to perform attacks every day. But this latest vulnerability has the potential to disrupt web services on an unprecedented scale.

Before we get into the details, let’s look at what this means for website owners.

What is the HTTP/2 Rapid Reset Attack?
HTTP/2 is a protocol that helps your website load faster and handle more visitors at the same time. HTTP/2 allows clients to request multiple website resources (CSS files, JS files, images, etc.) with a single query. However, some clever hackers have found a way to exploit this mechanism. They have developed a technique of sending a request to a server and then immediately canceling it, repeating this process at an extremely high speed. This flood of requests and cancellations can overwhelm a server, causing it to slow down or even crash: a classic Denial of Service (DoS) attack. The attack overloads not only the web server serving HTTP/2, but also all the backends involved in handling website requests, such as PHP executions, application servers, static file delivery, etc.

Imagine a call center and a person dials the call center number and then hangs up right after an agent answers the call. The agents waste valuable time handling fake calls and cannot handle legitimate requests. The entire call center crashes and cannot handle real customer requests. This is exactly what this new attack was doing at the server level.

SiteGround's timely response
At SiteGround, we always try to stay one step ahead in terms of website security. This time was no exception and we were among the first web hosting companies to fix this vulnerability. As soon as the HTTP/2 Rapid Reset attack was reported, our engineers sprang into action. The official announcement was made on October 10, 2023, with Google, Amazon, and CloudFlare announcing the issue at the same time. The web server software we use for all hosting servers, Nginx, also published a blog post.

Our team of security experts worked tirelessly to patch all of our web servers within an hour of the vulnerability being discovered. This timely response ensured that our clients’ websites remained secure and operational, with minimal disruption. And right now, just 24 hours later, all of SiteGround’s servers (hosting servers and CDN) are running the updated Nginx code that protects all of the sites that use our services.

Conclusion
The HTTP/2 Rapid Reset attack is a serious threat, but with our timely response and commitment to security, SiteGround customers can rest easy. We have your back and are always ready to tackle any new challenge that comes our way. At SiteGround, your security is not just a priority, it's a promise.
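The request-then-cancel pattern described in the post can be spotted per connection by counting streams that the client resets almost immediately after opening them. The sketch below is an added example, not part of the original post and not SiteGround's or Nginx's code; the event names (`HEADERS`, `RST_STREAM`, `CLOSED`), the thresholds and the sample log are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed thresholds for illustration; tune against real traffic.
WINDOW_SECONDS = 1.0          # sliding window per connection
MAX_RAPID_RESETS = 100        # rapid cancels tolerated inside one window
RAPID_CANCEL_SECONDS = 0.05   # a reset this soon after HEADERS is "rapid"

class RapidResetDetector:
    def __init__(self):
        self.opened = defaultdict(dict)   # conn -> {stream_id: open time}
        self.resets = defaultdict(deque)  # conn -> timestamps of rapid resets
        self.flagged = set()

    def observe(self, ts, conn, frame, stream_id):
        """Feed one client frame event; return True once conn is flagged."""
        if frame == "HEADERS":
            self.opened[conn][stream_id] = ts
        else:  # RST_STREAM (client cancel) or CLOSED (normal completion)
            opened_at = self.opened[conn].pop(stream_id, None)
            rapid = (frame == "RST_STREAM" and opened_at is not None
                     and ts - opened_at <= RAPID_CANCEL_SECONDS)
            if rapid:
                window = self.resets[conn]
                window.append(ts)
                while ts - window[0] > WINDOW_SECONDS:
                    window.popleft()
                if len(window) > MAX_RAPID_RESETS:
                    self.flagged.add(conn)
        return conn in self.flagged

def sample_events():
    """Constructed frame log: (timestamp, connection, frame, stream id)."""
    events = []
    for i in range(30):   # "A": page load, two streams cancelled late
        kind = "RST_STREAM" if i in (5, 17) else "CLOSED"
        events += [(i * 0.02, "A", "HEADERS", 2 * i + 1),
                   (i * 0.02 + 0.3, "A", kind, 2 * i + 1)]
    for i in range(500):  # "B": open/cancel pairs one millisecond apart
        events += [(i * 0.002, "B", "HEADERS", 2 * i + 1),
                   (i * 0.002 + 0.001, "B", "RST_STREAM", 2 * i + 1)]
    return sorted(events)

def scan(events):
    detector = RapidResetDetector()
    for event in events:
        detector.observe(*event)
    return detector.flagged

if __name__ == "__main__":
    print(scan(sample_events()))
```

Ordinary browsing cancels a few streams late in their life, so only the ratio of near-instant resets per connection is counted; a flagged connection is a candidate for closing or rate limiting.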