The Slowloris attack attempts to exhaust available server resources by opening a large number of connections to a target web server. These connections are then held open for as long as possible to prevent the resources from being freed. Because a web server has a finite amount of resources, once they are exhausted other clients will be unable to reach your server.
Procedure
From WHM, navigate to Service Configuration > Apache Configuration.
On the Apache Configuration page, select the Include editor.
In the Include Editor, select the Pre Main include for All Versions and add the following:
<IfModule mod_reqtimeout.c>
RequestReadTimeout header=20-40,MinRate=500 body=20-40,MinRate=500
</IfModule>
With this configuration, the server will wait up to 20 seconds for header data. As long as the client sends header data at a rate of at least 500 bytes per second, the server will wait for up to 40 seconds for the headers to complete.
The server will also wait up to 20 seconds for body data. As long as the client sends body data at a rate of at least 500 bytes per second, the server will wait for up to 40 seconds for the body of the request to complete.
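The timing rules described above, as an added example that is not part of the original article: a simplified Python model of how the deadline for each stage grows with received bytes (one extra second per MinRate bytes, capped at the maximum). The function names and the arrival schedules are constructed for illustration and are not Apache's own code.

```python
# Added example: simplified model of the RequestReadTimeout deadline arithmetic.
# All names and sample schedules here are constructed for illustration.
import re

DIRECTIVE = "RequestReadTimeout header=20-40,MinRate=500 body=20-40,MinRate=500"

def parse_stage(directive, stage):
    """Return (initial, maximum, min_rate) for the 'header' or 'body' stage."""
    m = re.search(rf"\b{stage}=(\d+)-(\d+),MinRate=(\d+)", directive, re.I)
    if not m:
        raise ValueError(f"no {stage}= range with MinRate in directive")
    return tuple(int(x) for x in m.groups())

def simulate(directive, stage, arrivals, total_bytes):
    """Replay a time-ordered list of (seconds_since_stage_start, byte_count).

    Returns ('complete', t) when total_bytes have arrived in time, or
    ('timeout', t) with the moment the server would give up on the stage.
    """
    initial, maximum, min_rate = parse_stage(directive, stage)
    deadline = float(initial)
    received = 0
    for t, n in arrivals:
        if t > deadline:                 # data showed up after the deadline
            return ("timeout", deadline)
        received += n
        # every min_rate bytes buys one more second, never past the maximum
        deadline = min(initial + received / min_rate, maximum)
        if received >= total_bytes:
            return ("complete", t)
    return ("timeout", deadline)         # client stopped sending

# Constructed schedules (seconds, bytes) for three kinds of client.
SLOW_DRIP = [(0, 1), (10, 1), (20, 1), (30, 1)]       # one byte every 10 s
NORMAL = [(0.1, 800)]                                 # whole header at once
STEADY_BODY = [(s, 1000) for s in range(1, 101)]      # 1000 B/s upload

if __name__ == "__main__":
    print(simulate(DIRECTIVE, "header", SLOW_DRIP, 800))
    print(simulate(DIRECTIVE, "header", NORMAL, 800))
    print(simulate(DIRECTIVE, "body", STEADY_BODY, 100000))
```

In this model the slow-drip client is dropped just after 20 seconds, and the 100000-byte body is cut off at the 40-second cap even though it arrives faster than the minimum rate, which is worth keeping in mind on servers that accept large uploads.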
Resources
For more information on this attack, as well as additional ways to mitigate it, please see: