Advisory: Protecting against Slowloris

Slowloris is a denial of service attack that reduces the available connections in the pool by holding the connection open and not completing the request. This prevents other valid clients getting their requests serviced.

Preventing and mitigating Slowloris on FileCloud for Windows

  1. Open c:\xampp\apache\conf\httpd.conf and uncomment the following line.

    #LoadModule reqtimeout_module modules/
    and change to
    LoadModule reqtimeout_module modules/
  2. Also in the same file c:\xampp\apache\conf\httpd.conf file and add the following lines.

    <IfModule mod_reqtimeout.c>
      RequestReadTimeout header=20-40,MinRate=500 body=60,MinRate=500
  3. Restart the Webserver

Preventing and mitigating Slowloris on FileCloud for Linux

  1. Run the following command for Ubuntu or Debian.

    a2enmod reqtimeout