httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <>
Subject Re: mod_noloris: mitigating against slowloris-style attack
Date Thu, 25 Jun 2009 13:57:29 GMT
On Thu, Jun 25, 2009 at 9:39 AM, Nick Kew<> wrote:

> Is this worth hacking up, or more trouble than it saves?

I think an ultra-simple IP-limiting module is useful, but tough/scary
for users to get a whitelist right.

It sounds like wrowess trusted proxy stuff (don't recall the name)
might save us from having to worry about such a list in this module,
which is handy -- but does that account for things like NAT or

Eric Covener

View raw message