httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Richards <>
Subject Re: Problems w/ deny
Date Tue, 07 Jan 1997 10:25:47 GMT
Alexei Kosut <> writes:

> On Tue, 7 Jan 1997, Rob Hartill wrote:
> > I think there should be a very small timeout of reading the request +
> > HTTP headers. I don't see why a server should wait more than a few (~5)
> > seconds for the basic request info. 
> I do: in development, often it is necessary to telnet to the server
> and type in a request (sometimes a rather complex one) manually. This
> can upwards of 30 seconds. However, I agree 20 minutes is ridiculous.

Summarising a few elements of this thread.

The server should wait a fair while since network lag can cause
problems otherwise. 20 minutes sounds like a blunder though and can be
considered a genuine bug that should be fixed for 1.2.

Apache shouldn't concern itself with network attacks. Apache is a web
server not a firewall tool, make it a good web server and rely on
other people to supply good firewalls. If you're getting attacked by a
site then Apache is not the place to try and deal with it.

A feature that allowed you to control the number of simultaneous
connections from a site is a very good one though for a very different
reason, i.e. licensing. I currently control the number of simultaneous
users from a site using cgi scripts, making this possible via the
access control mechanism of the server would be very useful.

  Paul Richards. Originative Solutions Ltd.  (Netcraft Ltd. contractor)
  Elsevier Science TIS online journal project.
  Phone: 0370 462071 (Mobile), +44 (0)1865 843155

View raw message