httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gonzalo Arana <gonzalo.ar...@gmail.com>
Subject Re: mod_noloris: mitigating against slowloris-style attack
Date Wed, 01 Jul 2009 12:33:06 GMT
Hi,

Keeping whitelist up to date is rather tricky.

How about having any/all of these directives?

# time between accept(2) call and the full request has been read.
RequestTimeout   1

# minimum bandwith the user should have available to access this server.
MinInRate             2KB/s
MinOutRate             3KB/s

One extra note: it would be good to let these Min{In,Out}Rate be
overriden for large files (audio/video files, for instance).

Best regards,

-- 
Gonzalo A. Arana

Mime
View raw message