Random GET (cache bypass)
GET requests with randomized paths or query strings. Designed to reduce CDN/cache effectiveness and force origin fetches.
How it works
- Each request hits a unique or rotating URL variant.
- Edge caches miss more often, shifting load to origin servers.
- Origin CPU and disk I/O rise even when total RPS looks moderate.
Packet flow (illustrative)
Engarde node Target
βSYNseq=1000
βSYN-ACKseq=2000 ack=1001
βACKack=2001
βGET /api/status HTTP/1.1
βHTTP/1.1 200 OK
Illustrative flow β not a live capture.
Typical pattern Unique URL variants
Engarde metric Origin latency spike
Layer L7 + cache
What to watch in Engarde
- CDN cache hit ratio if you compare fixed URL vs. RANDOMGET.
- Origin-only error patterns when edge shielding fails.
- WAF rule match rates on unusual query strings.
Running this simulation
Engarde RANDOMGET mode varies URL parameters from distributed nodes. Compare reports against a fixed-path GET run on the same target.
Mitigation perspective
Normalize query keys, enforce cache keys, and rate-limit anomalous path patterns. Simulation reveals cache dependency risks early.