Denial of Service or Slow Loris – Apache/IHS


Slowloris or Slow HTTP DoS attack is a type of denial of service that can affect thread-based web servers such as Apache. This means that your Apache web servers for Faspex or Console are vulnerable to this attack (applications based on nginx, such as Shares, are safe).

The attack exploits the fact that Apache waits for complete HTTP headers to be received before closing an HTTP connection. This means that an attacker can send multiple incomplete GET requests and keep the connections open in order to block other users from getting their requests processed by the server.

Apache does have a default timeout of 300 seconds after which it stops waiting for incomplete HTTP headers and closes the connection, but since the timeout is reset once the client sends more data, an attacker can just continue to send garbage data and keep the connection open.



To mitigate this you can lower the timeout value to maybe 60 seconds.

  • Go to $Web_Server/conf directory
  • Open httpd.conf using vi
  • Add following in httpd.conf

                TimeOut 300  

Change it to below

               TimeOut 60

Restart Apache Web Server.