|Update: newer installs will have mod_reqtimeout, which is considered better than mod_antiloris.|
To check, type:
/usr/sbin/httpd -l | grep mod_reqtimeoutand make sure you see mod_reqtimeout.c in the output.
Also check /etc/httpd/conf/extra/httpd-default.conf for:
A slow loris attack is one where an IP will connect to your apache server and clog up all child processes with it's specially formed requests (I won't get into the details as to how).
The solution is to install mod_antiloris to only allow a certain number of simulatenous connections per IP at a time (I believe they set it to 5 by default)
The registered apache mod_antiloris module is listed here:
Quick install instructions:
Note that this module is for apache 2.x, and not 1.3.
|I want to limit the number of connections per IP, or throttle the bandwidth for all clients|
© 2003 JBMC Software, Suite 173 3-11 Bellerose Drive, St Albert, AB T8N 1P7 Canada. Mon-Fri 9AM-5PM MST