httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ryan Bloom <>
Subject Re: DoS on POSTS
Date Fri, 26 Oct 2001 18:51:59 GMT
On Thursday 25 October 2001 08:52 pm, Ryan Bloom wrote:
> > It seems that there is a possibility for DoS on Apache servers
> > when doing a POST.  On, I can send the following
> > request:
> >
> > PUT / HTTP/1.1
> > Host:
> > Content-Length: 1000
> > <newline here>
> >
> > And just let it sit there forever. is running 2.0.24,
> > and I'm running out of CVS and seeing the same behaviour.  Seems bogus to
> > me.
> Well, after a few weeks of meaning to look into this, I finally have.  Jon,
> you are 100% correct that this does happen.  The problem is the
> handle_map_file handler.  I have begun to track it down, but what is
> happening, is that the first request fails after the timeout is hit.  The
> error page is requested, and that gets sent back to the
> ap_internal_redirect, but the content-length is still set, so the second
> request is hosed.  Then we end up in an endless loop.
> I haven't really looked at how to fix this yet, and I have to write a part
> of my book tonight, but the first step is identifying the problem.  This
> goes away if you remove all of the .var files from the config file BTW.  I
> would suggest that if we don't fix ASAP, those lines should be removed from
> the site, and this MUST be fixed before we release the next
> beta.

Had more time to look at this.  It looks like we actually will timeout given enough
time, but by default that time limit is like 10 minutes.  I think this can be fixed
by setting the content-length to 0 when we go to serve error pages.  I am
attempting this now-ish.


Ryan Bloom
Covalent Technologies

View raw message