Slowloris DoS – How to protect your Apache

shape
shape
shape
shape
shape
shape
shape
shape

Slowloris is a tool used for DoS (Denial of Service) on HTTP servers. Basically, Slowloris opens the maximum number of connections possible, leading the server to “exhaustion”. Some of the webservers affected are:

  • Apache 1.x
  • Apache 2.x
  • dhttpd
Below are some of the webservers that are NOT affected by Slowloris:
  • IIS6.0
  • IIS7.0
  • lighttpd
  • Squid
  • nginx
  • Cherokee
  • Netscaler
  • Cisco CSS

How to protect Apache from attacks?

There is a module for Apache called mod_antiloris, which limits the number of connections per IP and thus protects your Apache server from Slowloris DoS attacks.

To install the module, follow these steps:

$ cd /usr/local/src
$ wget https://masterdaweb.com/wp-content/uploads/2013/02/mod_antiloris-0.4.zip
$ unzip mod_antiloris-0.4.zip
$ cd mod_antiloris-*
$ apxs -a -i -c mod_antiloris.c

Restart the Apache server:

$ /etc/init.d/apache2 restart

Check that the module has been loaded:

$ apache2ctl -M

Your server should now be protected against Slowloris DoS attacks.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest news

Latest news directly from our blog.