Kommentarer til: Using Varnish and iptables_recent to fend off Slowloris attacks on CentOS http://www.klittum.dk/2009/06/25/using-varnish-and-iptables_recent-to-fend-off-slowloris-attacks-on-centos/ Vir prudens non contra ventum mingit Sun, 23 Aug 2009 13:35:39 +0000 http://wordpress.org/?v=2.9.2 hourly 1 Af: Administrator http://www.klittum.dk/2009/06/25/using-varnish-and-iptables_recent-to-fend-off-slowloris-attacks-on-centos/comment-page-1/#comment-350 Administrator Sun, 23 Aug 2009 13:35:39 +0000 http://www.klittum.dk/2009/06/25/using-varnish-and-iptables_recent-to-fend-off-slowloris-attacks-on-centos/#comment-350 Hi André, It appears to be a problem with Varnish, when it is recieving more than 4000 requests per second. This URL states so anyway: http://osdir.com/ml/web.varnish.misc/2007-10/msg00003.html 4000+ requests/s is a very high number, and it is way beyond where Apache gives up, så my solution should still be valid in most cases. However, you may be able to tweak Varnish to handle this in some way - however, this must be up others to test. And please report back if successful. Hi André,

It appears to be a problem with Varnish, when it is recieving more than 4000 requests per second. This URL states so anyway:

http://osdir.com/ml/web.varnish.misc/2007-10/msg00003.html

4000+ requests/s is a very high number, and it is way beyond where Apache gives up, så my solution should still be valid in most cases. However, you may be able to tweak Varnish to handle this in some way – however, this must be up others to test. And please report back if successful.

]]> Af: André Cardoso http://www.klittum.dk/2009/06/25/using-varnish-and-iptables_recent-to-fend-off-slowloris-attacks-on-centos/comment-page-1/#comment-348 André Cardoso Sun, 23 Aug 2009 08:53:33 +0000 http://www.klittum.dk/2009/06/25/using-varnish-and-iptables_recent-to-fend-off-slowloris-attacks-on-centos/#comment-348 Hi. I followed your guide, but when I attack the server with slowloris and try to access a page through the browser, I just get a 200 OK, with empty content -- a blank page! So it seems that my varnish is not stopping slowloris! Can you give me some help? Hi.
I followed your guide, but when I attack the server with slowloris and try to access a page through the browser, I just get a 200 OK, with empty content — a blank page! So it seems that my varnish is not stopping slowloris!

Can you give me some help?

]]>