httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r1032700 - /httpd/httpd/trunk/docs/manual/mod/mod_reqtimeout.html.en
Date Mon, 08 Nov 2010 20:49:47 GMT
Author: sf
Date: Mon Nov  8 20:49:47 2010
New Revision: 1032700

URL: http://svn.apache.org/viewvc?rev=1032700&view=rev
Log:
update transformation

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_reqtimeout.html.en

Modified: httpd/httpd/trunk/docs/manual/mod/mod_reqtimeout.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_reqtimeout.html.en?rev=1032700&r1=1032699&r2=1032700&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_reqtimeout.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_reqtimeout.html.en Mon Nov  8 20:49:47 2010
@@ -75,6 +75,16 @@
         </code></p></div>
       </li>
 
+      <li>
+        Usually, a server should have both header and body timeouts configured.
+        If a common configuration is used for http and https virtual hosts, the
+        timeouts should not be set too low:
+
+        <div class="example"><p><code>
+          RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
+        </code></p></div>
+      </li>
+
     </ol>
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
@@ -97,8 +107,13 @@
     is sent.</p>
 
     <p>For SSL virtual hosts, the header timeout values include the time needed
-    to do the initial SSL handshake. The body timeout values include the time
-    needed for SSL renegotiation (if necessary).</p>
+    to do the initial SSL handshake.  If the user's browser is configured to
+    query certificate revocation lists and the CRL server is not reachable, the
+    initial SSL handshake may take a significant time until the browser gives up
+    waiting for the CRL.  Therefore the header timeout values should not be set
+    to very low values for SSL virtual hosts.
+    The body timeout values include the time needed for SSL renegotiation
+    (if necessary).</p>
 
     <p>When an <code class="directive"><a href="../mod/core.html#acceptfilter">AcceptFilter</a></code>
is in use
     (usually the case on Linux and FreeBSD), the socket is not sent to the



Mime
View raw message