An HTTP flood attack is based on the client’s GET or POST request. When a client – in other words, the browser that calls up the website – sends one of these requests, the server processes the request and sends the result back to the client.
With the GET request, static content such as images and text blocks are retrieved. A POST request is used if access to the dynamic resources is requested. Simply put, the GET method receives data from the server and the POST method sends data to the server. Both methods can be applied in the attack, however, the POST method is utilized more often as is it triggers complex processing by the server.
The HTTP flood attack relies on the fact that many requests will be submitted at the same time across a longer period. In doing so, a botnet is usually utilized to increase the volume of requests. The HTTP flood attack is designed in such a way that the server allocates the most possible resources to each request. In a normal situation, this is how the server is supposed to work, as is doesn’t receive thousands or hundreds of thousands of requests per minute. However, with the massive number of requests and call ups, the attacker expects that the server will become overburdened with the sheer number of process-intensive requests and that the website or application will no longer be properly displayed.