Home Explore Help
Sign In
master
/
auto4certbot
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 3c81f8e493
Branches Tags
auto4certbot
/
docs
/
apache2_examples
/
apache2-subdomen1
/
mods-available
/
reqtimeout.conf

reqtimeout.conf 1.1 KB
History Raw

12345678910111213141516171819202122 
  1. # mod_reqtimeout limits the time waiting on the client to prevent an
    2. 

  2. # attacker from causing a denial of service by opening many connections
    3. 

  3. # but not sending requests. This file tries to give a sensible default
    4. 

  4. # configuration, but it may be necessary to tune the timeout values to
    5. 

  5. # the actual situation. Note that it is also possible to configure
    6. 

  6. # mod_reqtimeout per virtual host.
    7. 

  7. 

  8. 

  9. # Wait max 20 seconds for the first byte of the request line+headers
    10. 

  10. # From then, require a minimum data rate of 500 bytes/s, but don't
    11. 

  11. # wait longer than 40 seconds in total.
    12. 

  12. # Note: Lower timeouts may make sense on non-ssl virtual hosts but can
    13. 

  13. # cause problem with ssl enabled virtual hosts: This timeout includes
    14. 

  14. # the time a browser may need to fetch the CRL for the certificate. If
    15. 

  15. # the CRL server is not reachable, it may take more than 10 seconds
    16. 

  16. # until the browser gives up.
    17. 

  17. RequestReadTimeout header=20-40,minrate=500
    18. 

  18. 

  19. # Wait max 10 seconds for the first byte of the request body (if any)
    20. 

  20. # From then, require a minimum data rate of 500 bytes/s
    21. 

  21. RequestReadTimeout body=10,minrate=500
    22. 

  22.