You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by sf...@apache.org on 2011/10/24 18:17:44 UTC
svn commit: r1188200 - in /httpd/httpd/trunk/docs/manual/misc:
security_tips.html.en security_tips.xml
Author: sf
Date: Mon Oct 24 16:17:44 2011
New Revision: 1188200
URL: http://svn.apache.org/viewvc?rev=1188200&view=rev
Log:
Mention mod_reqtimeout in the DoS mitigation section
Modified:
httpd/httpd/trunk/docs/manual/misc/security_tips.html.en
httpd/httpd/trunk/docs/manual/misc/security_tips.xml
Modified: httpd/httpd/trunk/docs/manual/misc/security_tips.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/misc/security_tips.html.en?rev=1188200&r1=1188199&r2=1188200&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/misc/security_tips.html.en (original)
+++ httpd/httpd/trunk/docs/manual/misc/security_tips.html.en Mon Oct 24 16:17:44 2011
@@ -84,6 +84,10 @@
settings that can help mitigate problems:</p>
<ul>
+ <li>The <code class="directive"><a href="../mod/mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout</a></code>
+ directive allows to limit the time a client may take to send the
+ request.</li>
+
<li>The <code class="directive"><a href="../mod/core.html#timeout">TimeOut</a></code> directive
should be lowered on sites that are subject to DoS attacks.
Setting this to as low as a few seconds may be appropriate.
Modified: httpd/httpd/trunk/docs/manual/misc/security_tips.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/misc/security_tips.xml?rev=1188200&r1=1188199&r2=1188200&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/misc/security_tips.xml (original)
+++ httpd/httpd/trunk/docs/manual/misc/security_tips.xml Mon Oct 24 16:17:44 2011
@@ -73,6 +73,10 @@
settings that can help mitigate problems:</p>
<ul>
+ <li>The <directive module="mod_reqtimeout">RequestReadTimeout</directive>
+ directive allows to limit the time a client may take to send the
+ request.</li>
+
<li>The <directive module="core">TimeOut</directive> directive
should be lowered on sites that are subject to DoS attacks.
Setting this to as low as a few seconds may be appropriate.