projects / haproxy-3.0.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a0250ba) | patch
[MEDIUM] introduce "timeout http-request" in frontends
authorWilly Tarreau <w@1wt.eu>
Sun, 6 Jan 2008 12:24:40 +0000 (13:24 +0100)
committerWilly Tarreau <w@1wt.eu>
Sun, 6 Jan 2008 12:24:40 +0000 (13:24 +0100)
commit036fae0ec927ec9d60956ca8748cd3d203c11fe6
tree2870efdcefb5e150c70f4947f560acbe29d4742etree | snapshot
parenta0250ba38da12775bcc829b13c063aa4e5e37b25commit | diff
[MEDIUM] introduce "timeout http-request" in frontends

In order to offer DoS protection, it may be required to lower the maximum
accepted time to receive a complete HTTP request without affecting the client
timeout. This helps protecting against established connections on which
nothing is sent. The client timeout cannot offer a good protection against
this abuse because it is an inactivity timeout, which means that if the
attacker sends one character every now and then, the timeout will not
trigger. With the HTTP request timeout, no matter what speed the client
types, the request will be aborted if it does not complete in time.
doc/configuration.txt diff | blob | history
include/types/proto_http.h diff | blob | history
include/types/proxy.h diff | blob | history
src/cfgparse.c diff | blob | history
src/client.c diff | blob | history
src/proto_http.c diff | blob | history
src/proxy.c diff | blob | history
tests/test-timeout.cfg diff | blob | history
haproxy-3.0 public tree. Stable production code.