Advisory: Protecting against Slowloris
Slowloris is a denial of service attack that reduces the available connections in the pool by holding the connection open and not completing the request. This prevents other valid clients getting their requests serviced.
Preventing and mitigating Slowloris on FileCloud for Windows
Open c:\xampp\apache\conf\httpd.conf and uncomment the following line.
#LoadModule reqtimeout_module modules/mod_reqtimeout.so
and change to
LoadModule reqtimeout_module modules/mod_reqtimeout.so
Also in the same file c:\xampp\apache\conf\httpd.conf file and add the following lines.
<IfModule mod_reqtimeout.c> RequestReadTimeout header=20-40,MinRate=500 body=60,MinRate=500 </IfModule>
- Restart the Webserver
Preventing and mitigating Slowloris on FileCloud for Linux
Run the following command for Ubuntu or Debian.
a2enmod reqtimeout