Return-Path: 
 <users-return-112478-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-users-archive@www.apache.org
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 2E53E184CC
	for <apmail-httpd-users-archive@www.apache.org>;
 Mon, 16 Nov 2015 16:54:07 +0000 (UTC)
Received: (qmail 39531 invoked by uid 500); 16 Nov 2015 16:54:04 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 39502 invoked by uid 500); 16 Nov 2015 16:54:04 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 39493 invoked by uid 99); 16 Nov 2015 16:54:04 -0000
Received: from mail-relay.apache.org (HELO mail-relay.apache.org)
 (140.211.11.15)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 16 Nov 2015 16:54:04 +0000
Received: from [192.168.1.36] (2804ds5-soeb.0.fullrate.dk [90.184.204.23])
	by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with
 ESMTPSA id 826C71A00C5
	for <users@httpd.apache.org>; Mon, 16 Nov 2015 16:54:02 +0000 (UTC)
To: users@httpd.apache.org
References: <D26F7374.624BF%jbrose@utk.edu>
From: Daniel Gruno <humbedooh@apache.org>
Message-ID: <564A0A26.3000603@apache.org>
Date: Mon, 16 Nov 2015 17:53:58 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <D26F7374.624BF%jbrose@utk.edu>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Subject: Re: [users@httpd] TimeOut

On 11/16/2015 05:50 PM, Rose, John B wrote:
> Looking in the Security Tips document for Apache this is said �
> 
>   * The |TimeOut
>     <https://httpd.apache.org/docs/2.4/mod/core.html#timeout>| directive
>     should be lowered on sites that are subject to DoS attacks. Setting
>     this to as low as a few seconds may be appropriate. As |TimeOut
>     <https://httpd.apache.org/docs/2.4/mod/core.html#timeout>| is
>     currently used for several different operations, setting it to a low
>     value introduces problems with long running CGI scripts.'
> 
> The default is 60 seconds, I have had a discussion where I was told
> maybe 2-5 seconds is a good setting. 
> 
> What is commonly used nowadays in 2.4 on robust networks and architectures?
> 
> thanks

For guarding against slow loris and the likes, please see
https://httpd.apache.org/docs/2.4/mod/mod_reqtimeout.html instead.

With regards,
Daniel.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org