httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan Ristic <iv...@webkreator.com>
Subject readTrivial enhancement request
Date Mon, 06 Sep 2004 15:37:05 GMT

[ The request is trivial to implement (at least I think so),
  but the feature itself is very important. ]

  If one connects to Apache 1.3.x and just sits on the
  connection, it gets disconnected after a while and a
  message is written to the error log:

  "[info] [client 127.0.0.1] read request line timed out"

  This does not happen with Apache 2.0.x. That is very
  unfortunate, since the message can be used to detect
  subtle denial of service attacks against Apache. And,
  after the detection, makes it much easier to figure
  out where the attacker is coming from.

  Would someone put the message back in, please?

-- 
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]

Mime
View raw message