httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ryan Bloom <...@covalent.net>
Subject Re: DoS on POSTS
Date Fri, 26 Oct 2001 03:52:39 GMT

> It seems that there is a possibility for DoS on Apache servers
> when doing a POST.  On search.apache.org, I can send the following
> request:
>
> PUT / HTTP/1.1
> Host: search.apache.org:80
> Content-Length: 1000
> <newline here>
>
> And just let it sit there forever.  search.apache.org is running 2.0.24,
> and I'm running out of CVS and seeing the same behaviour.  Seems bogus to me.

Well, after a few weeks of meaning to look into this, I finally have.  Jon, you
are 100% correct that this does happen.  The problem is the handle_map_file
handler.  I have begun to track it down, but what is happening, is that the first
request fails after the timeout is hit.  The error page is requested, and that gets
sent back to the ap_internal_redirect, but the content-length is still set, so
the second request is hosed.  Then we end up in an endless loop.

I haven't really looked at how to fix this yet, and I have to write a part of my
book tonight, but the first step is identifying the problem.  This goes away if you
remove all of the .var files from the config file BTW.  I would suggest that if we
don't fix ASAP, those lines should be removed from the apache.org site, and
this MUST be fixed before we release the next beta.

Ryan

______________________________________________________________
Ryan Bloom				rbb@apache.org
Covalent Technologies			rbb@covalent.net
--------------------------------------------------------------

Mime
View raw message