Slowloris is a tool used for DoS (Denial of Service) on HTTP servers. Basically, Slowloris opens the maximum number of connections possible, leading the server to “exhaustion”. Some of the webservers affected are:
- Apache 1.x
- Apache 2.x
- dhttpd
- IIS6.0
- IIS7.0
- lighttpd
- Squid
- nginx
- Cherokee
- Netscaler
- Cisco CSS
How to protect Apache from attacks?
There is a module for Apache called mod_antiloris, which limits the number of connections per IP and thus protects your Apache server from Slowloris DoS attacks.
To install the module, follow these steps:
$ cd /usr/local/src
$ wget https://masterdaweb.com/wp-content/uploads/2013/02/mod_antiloris-0.4.zip
$ unzip mod_antiloris-0.4.zip
$ cd mod_antiloris-*
$ apxs -a -i -c mod_antiloris.c
Restart the Apache server:
$ /etc/init.d/apache2 restart
Check that the module has been loaded:
$ apache2ctl -M
Your server should now be protected against Slowloris DoS attacks.
- Tags:
- apache
