On Tue, 2009-06-23 at 15:11 +0200, Bastien LEGRAS wrote: > Hi, > > I just tried the perl script against my 2.2 apache under ubuntu 8.04 > and found I could make my apache server unavailable in 30 sec with the > little hack script you can find here http://ha.ckers.org/slowloris/ > > Has anyone heard of a configuration or a ongoing fix to protect Apache > against such attacks ? > > Thanks > > -- > Cordialement / Best Regards > > Bastien LEGRAS > Use the event MPM rather than prefork. Other people are suggesting mod_evasive would prevent it, but I have not verified that. Cheers Tom --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|