Results 1 to 4 of 4

Thread: Apache+HTTPD.conf

  1. #1

    Default Apache+HTTPD.conf

    Hey guys, I am making a denial of service attack on my Apache configuration and I need to change the timeout variable inside the Apache configuration.

    My issue is, I can't find the timeout line or any other insructions inside the httpd.conf file.(Inside etc/apache2)

    All the file contains are includes to other files and I've looked in all of them without success(expcet for the keepAlive).

    Is it possible that these lines are not inside my configuration? I doubt it because my DoS attack didn't even affect Apache.

    P.S I used Yast to install apache2.

  2. #2

    Default Re: Apache+HTTPD.conf

    Maybe I'm missing something but how does timeout effect a DoS? Unless I'm mistaken it's more a question of how many people you can reply to i.e concurrency.

    Not whether one person hangs around that is taking little bandwidth.

    I got to 20 and was seeing noticeable affects had I had better cooling I might of pushed it further but it was already too hot for my liking.

    Anyway my understanding is the default is 300 secs already, which kinda confirms my thoughts, I doubt pushing it up further is going to help the DoS. https://httpd.apache.org/docs/2.0/mod/core.html#timeout
    Man first, have a try at Info, have a look at Wiki, if all that fails Scroogle!!!!!
    If I've helped click on the Rep button I don't know what it does but it sounds cool.

  3. #3

    Default Re: Apache+HTTPD.conf

    Quote Originally Posted by FeatherMonkey View Post
    Maybe I'm missing something but how does timeout effect a DoS? Unless I'm mistaken it's more a question of how many people you can reply to i.e concurrency.

    Not whether one person hangs around that is taking little bandwidth.

    I got to 20 and was seeing noticeable affects had I had better cooling I might of pushed it further but it was already too hot for my liking.

    Anyway my understanding is the default is 300 secs already, which kinda confirms my thoughts, I doubt pushing it up further is going to help the DoS. https://httpd.apache.org/docs/2.0/mod/core.html#timeout
    All I want to know, is WHY does the <timeout> variable or many others AREN'T in my HTTPD.CONF file.

    Maybe it stores it somewhere else, cause on Ubuntu it's all inside apache.conf

  4. #4
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Apache+HTTPD.conf

    It just uses the compiled default of 300 if not specified. You can add it yourself if you like, either in server-tuning.conf or inside a vhost conf.

    core - Apache HTTP Server

    I don't see from the description how it would help much with a DoS, but there's nothing to stop you setting it lower.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •