aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/apache_mod_security/apache_mod_security.inc9
-rw-r--r--config/apache_mod_security/apache_mod_security_settings.xml11
2 files changed, 19 insertions, 1 deletions
diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc
index 4eb24c2c..38d53601 100644
--- a/config/apache_mod_security/apache_mod_security.inc
+++ b/config/apache_mod_security/apache_mod_security.inc
@@ -221,6 +221,12 @@ function generate_apache_configuration() {
else
$secauditengine = "RelevantOnly";
+ // SecReadStateLimit
+ if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['SecReadStateLimit'])
+ $secreadstatelimit = "SecReadStateLimit " . $config['installedpackages']['apachemodsecuritysettings']['config'][0]['SecReadStateLimit'] ."\n";
+ else
+ $secreadstatelimit = "";
+
$mod_proxy .= <<<EOF
# Off when using ProxyPass
@@ -409,6 +415,9 @@ EOF;
# Only allow bytes from this range
SecFilterForceByteRange 1 255
+ # Help prevent the effects of a Slowloris-type of attack
+ $secreadstatelimit
+
# Cookie format checks.
SecFilterCheckCookieFormat On
diff --git a/config/apache_mod_security/apache_mod_security_settings.xml b/config/apache_mod_security/apache_mod_security_settings.xml
index e313f3c8..4bbc4ea2 100644
--- a/config/apache_mod_security/apache_mod_security_settings.xml
+++ b/config/apache_mod_security/apache_mod_security_settings.xml
@@ -120,7 +120,6 @@
</description>
<type>input</type>
</field>
-
<field>
<fielddescr>Use mod_disk_cache</fielddescr>
<fieldname>mod_disk_cache</fieldname>
@@ -142,6 +141,16 @@
<type>input</type>
</field>
<field>
+ <fielddescr>Limits number of POSTS accepted from same IP address</fielddescr>
+ <fieldname>SecReadStateLimit</fieldname>
+ <description>
+ <![CDATA[
+ Help prevent the effects of a Slowloris-type of attack. More information about this attack can be found here: http://blog.spiderlabs.com/2010/11/advanced-topic-of-the-week-mitigating-slow-http-dos-attacks.html
+ ]]>
+ </description>
+ <type>input</type>
+ </field>
+ <field>
<fielddescr>Configures the maximum request body size ModSecurity will store in memory.</fielddescr>
<fieldname>secrequestbodyinmemorylimit</fieldname>
<description>Configures the maximum request body size ModSecurity will store in memory.</description>