httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <n...@webthing.com>
Subject Re: mod_noloris: mitigating against slowloris-style attack
Date Wed, 01 Jul 2009 12:04:15 GMT
Jeff Trawick wrote:
> On Wed, Jul 1, 2009 at 5:12 AM, Nick Kew <nick@webthing.com 
> <mailto:nick@webthing.com>> wrote:
> 
>     fredk2 wrote:
> 
>         Hi Nick,
> 
>         I looked at the code (I am not a coder) and wondered what made
>         you say "it's
>         geared clearly to the very small server. "
> 
> 
>     It gives you the overhead of reading the entire scoreboard for
>     every request.  You don't want to do that with high traffic,
>     nor with anything but a very small scoreboard.
> 
> 
> [I haven't looked at the code for a moment but]  why doesn't the parent 
> do the scanning?  Aside from an implementation detail or two, isn't that 
> the only practical implementation?
> 

I've actually hacked up mod_noloris to do exactly that.  Was planning to
test-drive then post, but since you bring the matter up, I'll attach it
here and now.

Commit to trunk?

-- 
Nick Kew


Mime
View raw message