httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Akins, Brian" <Brian.Ak...@turner.com>
Subject A modest proposal, was Re: Mitigating the Slowloris DoS attack
Date Wed, 24 Jun 2009 00:39:54 GMT
On 6/23/09 12:48 AM, "Paul Querna" <paul@querna.org> wrote:

> Mitagation is the wrong approach.
> 
> We all know our architecture is wrong.

Another heretical suggestion:

Lighttpd and nginx are both release under BSD-like licenses.

Hear me out.

I've actually been thinking "how possible would it be to transform one of
them into httpd 3.0?" Nginx has a few architectural issues (a different
cache for fasctcgi versus proxy??) and lighttpd is still fairly immature
(cache can't handle Vary, lots of stuff broken when running multiple
processes).  However, just think if the forces of us and "them" combined
(well, one of them).  My personal pick is lighttpd - the community would fit
better (nginx is almost all in Russian) and it already has a lot of Lua :)

I know this would probably only even be considered in a bizzaro parallel
universe.  However, what are our alternatives?

-- 
Brian Akins
Chief Operations Engineer
Turner Digital Media Technologies


Mime
View raw message