HTTP/S PUT flood
Idempotent full-resource updates over TLS. Tests object storage, REST gateways, and lock contention under encrypted write load.
How it works
- Preset: HTTP/S PUT Flood — method flag PUT on HTTP attack type.
- Full entity bodies over TLS increase bandwidth and crypto CPU.
- Often hits different WAF rules than POST (method allowlists).
Packet flow (illustrative)
Engarde node Target
→SYN · SYN-ACK · ACKTCP
→TLS handshake
→Application Data: METHOD /resource
→Encrypted entity body
Illustrative flow — not a live capture.
Engarde HTTP/S PUT Flood
Focus Full replace writes
Layer L7
What to watch in Engarde
- 409/412 conflict rates under parallel PUT.
- Storage IOPS vs. SSL CPU — which caps first.
Running this simulation
Run HTTP/S PUT on staging object/API endpoints; compare report with HTTP/S GET baseline.
Mitigation perspective
Separate PUT rate limits; validate idempotency keys under flood conditions.