Looking in the Security Tips document for Apache this is said …
- The
TimeOut directive
should be lowered on sites that are subject to DoS attacks. Setting this to as low as a few seconds may be appropriate. As TimeOut is
currently used for several different operations, setting it to a low value introduces problems with long running CGI scripts.'
The default is 60 seconds, I have had a discussion where I was told maybe 2-5 seconds is a good setting.
What is commonly used nowadays in 2.4 on robust networks and architectures?
thanks
|