Slow HTTP Denial of Service Attack Warning
Hello,
When scanning my website with Acunetix, I got following security warning: Slow HTTP Denial of Service Attack.
As suggested on lots of websites and forums, I changed Apache's Timeout from defaults 300 seconds to less, several times to several different values.
It looks like if Timeout is 10 seconds, it went well, but any value more than this (like 15, 20, 25, 30 etc), it always returns same error - Slow HTTP Denial of Service Attack.
Can you give me suggestions how to fix this issue, because 10 senonds is not enough for normal website use?
Thank you in advance!
-
This sounds like an issue with that software scanner more than an issue with your cPanel. acunetix.com/blog/articles/response-time-affects-scans-performance/ acunetix.com/blog/articles/slow-http-dos-attacks-mitigate-apache-http-server/ 0 -
If you have ModSecurity you can limit the concurrent connections so that a single IP cannot cause apache to use all of its available connections. Set the following in your modsec2.user.conf located at /usr/local/apache/conf/modsec2.user.conf SecConnEngine On SecConnReadStateLimit 20 SecConnWriteStateLimit 20
Run "httpd configtest" before restarting apache. If you get any errors then your modsecurity version is out-dated. Comment out those lines (place a # before them), and then you can run an easyapache keeping your same version of Apache and PHP to get ModSecurity updated. Once that is done uncomment the lines and you should be good to go.0
Please sign in to leave a comment.
Comments
2 comments