keepalive_timeout 1 1 & client_body_buffer_size question
David Taveras
d3taveras38d3 at gmail.com
Tue Mar 9 01:51:55 MSK 2010
Hello,
Iam currently exploring the following directives
First
keepalive_timeout 1 1 ... Suppose Iam getting a slowloris attack, I
think this is a great parameter to reduce in such case. Would normal
browser simply reopen a connection if they could not work on that low
keep alive timeout? How would browsers react aside probably if they
are behind a slow connection it would cause them to send a new
connection for each request?
Second..
I have been told that setting a low (1k) client_body_buffer_size is
suitable to protect against buffer overflows. However Iam reading that
any body buffer size greater then that will simply be written to the
disk. What exactly is the advantage here? How would I be able to test
this parameter from the outside?
(To be honest I dont know what a client body buffer size is.. tried
google but that didnt help much)
David
More information about the nginx
mailing list