| CPC H04L 63/1458 (2013.01) [H04L 63/1416 (2013.01)] | 5 Claims |

1. A method for preventing D/DOS attack on a web resource, the method implemented by a network traffic management system comprising one or more network traffic apparatuses, client devices, or server devices, the method comprising:
receiving a request for a web resource from a client, wherein the request comprises referrer header information;
determining whether the domain in the referrer header information is one of a subdomain, a cross domain, or a related external domain;
in response to determining the domain is not one of the subdomain, the cross domain, or the related external domain, determining the received referrer header information comprises a known domain and a valid cookie associated with the known domain to designate the received header information as validated referral header information; and
preventing a distributed denial of service attack by providing a proactive challenge to the requesting client when the determination indicates the received referrer header information is the validated referrer header information, wherein the proactive challenge comprises:
injecting an obtained obfuscated JavaScript in a URL; and
transmitting the URL to the client.