How to prevent Pixel flood

Limiting the size of the uploaded file

Web servers allow you to limit the maximum upload file size. This limit must be set, but it does not protect against the Pixel flood attack, due to the file size can be very small (1Kb), but the image size is large (65535x65535 pixels).

http {
    # Restrict max upload file size to 100 Mb
    client_max_body_size 100M;
}
; php.ini
; Maximum allowed size for uploaded files.
upload_max_filesize = 40M

; Must be greater than or equal to upload_max_filesize
post_max_size = 40M

Sorry, but this is part of
Web-security course

Web-security course

  • Actual web attacks with examples
  • A wrong ways of preventing attacks
  • Security methods guaranties elimination of attacks
  • Quizzes for the material fixation

  Explore HTTP Response Splitting →