Yesterday we were hit with a type of denial of service attack called a slow http DoS attack. Basically, the attacker starts a request but does not finish sending the header causing that connection to hang indefinitely. The process is repeated until all the worker slots are full waiting for the requesting end to finish sending the request header. At this point the web server is no longer able to service legitimate requests.
I installed a module called mod_qos that mitigated the attack but it was buggy and wedged the server this morning. It has been uninstalled and replaced with modreqtimeout that allows timeouts to be set on header and body requests.
What's Up With Eskimo's Community!
1 post • Page 1 of 1
Users browsing this forum: No registered users and 1 guest