Hi list!

We tested mod_antiloris 0.4 and found it quite efficient, but before
putting it in production, we would like to hear some feedback from
freebsd users. We are using Apache 2.2.x on Freebsd 6.2 and 7.2. Is
anyone using it? Do you have any other way to patch against Slowloris
other than putting a proxy in front or using the HTTP accept filter?

Thanks for your feedback,

Martin
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listin ... d-security
To unsubscribe, send any mail to
"freebsd-security-unsubscribe@freebsd.org"
Hello,

Martin Turgeon wrote:
Hi list!

We tested mod_antiloris 0.4 and found it quite efficient, but before
putting it in production, we would like to hear some feedback from
freebsd users. We are using Apache 2.2.x on Freebsd 6.2 and 7.2. Is
anyone using it? Do you have any other way to patch against Slowloris
other than putting a proxy in front or using the HTTP accept filter?

Thanks for your feedback,

Martin
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listin ... d-security
To unsubscribe, send any mail to
"freebsd-security-unsubscribe@freebsd.org"
Hello,

I am using it succesfully although not under any serious load, same
Apache and FreeBSD versions. I found it easy (compared to the
alternatives) and efficient, and no I don't know of any other ways of
blocking the attack, short of using Varnish or similar. However,
accf_http doesn't help at all, since HTTP POST requests bypass the
filter. HTTP POST can be enabled by passing the -httpready switch to
Slowloris.

Please report back with your findings, I've been wondering how it
would perform under load.

Best of luck with it,

Thomas Rasmussen