pool/apache2
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- enable mod_reqtimeout by default via APACHE_MODULES in

Browse Source 
/etc/sysconfig/apache2, configuration 
  /etc/apache2/mod_reqtimeout.conf .
  Of course, the existing configuration remains unchanged.

OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=354
This commit is contained in:
Roman Drahtmueller 2012-01-21 12:57:30 +00:00 committed by Git OBS Bridge
parent 3fdc7560a6
commit 58cce20330
4 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
apache2-mod_reqtimeout.conf Normal file
View File

@ -0,0 +1,29 @@
#
# Set timeout and minimum data rate for receiving requests to limit
# the effects of denial of service attacks that connect, but let the
# server wait for the completion of the request, thereby allocating
# resources. The most commonly name for this attack method is
# slowloris.
#
# mod_reqtimeout.c must be loaded.
#
# see https://httpd.apache.org/docs/2.2/mod/mod_reqtimeout.html
# or /usr/share/apache2/manual/mod/mod_reqtimeout.html.en
#
# Note:
# the RequestReadTimeout directive can also be placed into a
# virtual host context.
#
# Play around with variations of the below values if you are
# under attack from slowloris or a similar tool.
<IfModule mod_reqtimeout.c>
# allow 10s timeout for the headers and allow 1s more until 20s upon
# receipt of 1000 bytes.
# almost the same with the body, except that it is tricky to
# limit the request timeout within the body at all - it may take
# time to generate the body.
RequestReadTimeout header=10-20,MinRate=1000 body=20,MinRate=1000
</IfModule>

8
apache2.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Sat Jan 21 13:54:01 CET 2012 - draht@suse.de
- enable mod_reqtimeout by default via APACHE_MODULES in
/etc/sysconfig/apache2, configuration
/etc/apache2/mod_reqtimeout.conf .
Of course, the existing configuration remains unchanged.
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Dec 10 10:34:26 CET 2011 - meissner@suse.de Sat Dec 10 10:34:26 CET 2011 - meissner@suse.de

1
apache2.spec
View File

@ -121,6 +121,7 @@ Source110: apache2-mod_userdir.conf
Source111: apache2-server-tuning.conf Source111: apache2-server-tuning.conf
Source113: apache2-ssl-global.conf Source113: apache2-ssl-global.conf
Source114: apache2-mod_usertrack.conf Source114: apache2-mod_usertrack.conf
Source115: apache2-mod_reqtimeout.conf
Source130: apache2-vhost.template Source130: apache2-vhost.template
Source131: apache2-vhost-ssl.template Source131: apache2-vhost-ssl.template
Source140: apache2-check_forensic Source140: apache2-check_forensic

2
sysconfig.apache2
View File

@ -72,7 +72,7 @@ APACHE_CONF_INCLUDE_DIRS=""
# apache's default installation # apache's default installation
# APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap include log_config mime negotiation setenvif status userdir" # APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap include log_config mime negotiation setenvif status userdir"
# your settings # your settings
APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl userdir php5" APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl userdir php5 reqtimeout"
## Type: string ## Type: string