Slow HTTP Dos Attack

What's Up With Eskimo's Community!

Moderators: Nanook, carl

User avatar
Nanook
Senior Member
Posts: 90
Joined: Tue Jun 25, 2013 10:08 pm
Location: Shoreline
Contact:

Slow HTTP Dos Attack

Postby Nanook » Mon Dec 07, 2015 11:08 am

Yesterday we were hit with a type of denial of service attack called a slow http DoS attack. Basically, the attacker starts a request but does not finish sending the header causing that connection to hang indefinitely. The process is repeated until all the worker slots are full waiting for the requesting end to finish sending the request header. At this point the web server is no longer able to service legitimate requests.

I installed a module called mod_qos that mitigated the attack but it was buggy and wedged the server this morning. It has been uninstalled and replaced with modreqtimeout that allows timeouts to be set on header and body requests.

Who is online

Users browsing this forum: No registered users and 0 guests