aboutsummaryrefslogtreecommitdiffstats
path: root/config/apache_mod_security/apache_mod_security.inc
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2010-11-23 16:40:01 -0500
committerScott Ullrich <sullrich@pfsense.org>2010-11-23 16:40:12 -0500
commitdac6b5617dc0ebea6b68c4eda354649780cda217 (patch)
tree3af83b585cd45452107a0bab712b8029b402146b /config/apache_mod_security/apache_mod_security.inc
parent5916e670ad3182efb162e98f186888422f2b7465 (diff)
downloadpfsense-packages-dac6b5617dc0ebea6b68c4eda354649780cda217.tar.gz
pfsense-packages-dac6b5617dc0ebea6b68c4eda354649780cda217.tar.bz2
pfsense-packages-dac6b5617dc0ebea6b68c4eda354649780cda217.zip
Adding SecReadStateLimit. Requires 2.5.13 which should be out shortly.
Diffstat (limited to 'config/apache_mod_security/apache_mod_security.inc')
-rw-r--r--config/apache_mod_security/apache_mod_security.inc9
1 files changed, 9 insertions, 0 deletions
diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc
index 4eb24c2c..38d53601 100644
--- a/config/apache_mod_security/apache_mod_security.inc
+++ b/config/apache_mod_security/apache_mod_security.inc
@@ -221,6 +221,12 @@ function generate_apache_configuration() {
else
$secauditengine = "RelevantOnly";
+ // SecReadStateLimit
+ if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['SecReadStateLimit'])
+ $secreadstatelimit = "SecReadStateLimit " . $config['installedpackages']['apachemodsecuritysettings']['config'][0]['SecReadStateLimit'] ."\n";
+ else
+ $secreadstatelimit = "";
+
$mod_proxy .= <<<EOF
# Off when using ProxyPass
@@ -409,6 +415,9 @@ EOF;
# Only allow bytes from this range
SecFilterForceByteRange 1 255
+ # Help prevent the effects of a Slowloris-type of attack
+ $secreadstatelimit
+
# Cookie format checks.
SecFilterCheckCookieFormat On
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-04 17:28:28 +0000