HTTP DELETE flood
Delete-method traffic targeting removal endpoints. Exercises authorization checks and soft-delete/archive backends.
How it works
- Each DELETE may trigger audit logs and cascade rules.
- Authorization failures should dominate if ACLs are correct.
- Destructive paths need strict rate limits.
Packet flow (illustrative)
Engarde node Target
→TCP established
→METHOD /resource/id HTTP/1.1
→Entity body (write path)
Illustrative flow — not a live capture.
Focus Auth + delete path
Engarde DELETE mode
Layer L7
What to watch in Engarde
- 401/403 vs. unexpected 200 under flood.
- Audit pipeline backlog.
Running this simulation
Use DELETE simulation only on disposable staging data with explicit approval.
Mitigation perspective
Strong auth, method allowlists, and aggressive rate limits on destructive routes.