Making HTTP Server less vulnerable DOS Attack


**These steps were done on CentOS 6 Server

Step 1: Upgrade Apache HTTP to the latest version

# yum update httpd

Step 2: Edit the httpd.conf.

# vim /etc/httpd/conf/httpd.conf

Inside httpd.conf. Scroll all the way to LoadModule………. section and add the line

LoadModule reqtimeout_module modules/mod_reqtimeout.so

Step 3: Create a /etc/httpd/conf.d/reqtimeout.conf and put in the informationbelow

<ifmodule reqtimeout_module>
RequestReadTimeout header=10-20,minrate=500
RequestReadTimeout body=10,minrate=500
</ifmodule>

Step 4: To check whether the apache module is loaded, do

# apachectl -M

Or

apache2ctl -M

References:

  1. Mitigating WAS QID 150085 Slow HTTP POST Vulnerability on Apache

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.