Linux

Slowloris protection

Slow lori {Nyctiicebus coucang} captive

Maybe you have heard of Slowloris?
Slowloris is a type of denial of service attack invented by Robert “RSnake” Hansen which allows a single machine to take down another machine’s web server with minimal bandwidth and side effects on unrelated services and ports.

If you want to protect from it you can install mod_antiloris

1) Download the installer from sourceforge and install

cd /usr/local/src

wget http://sourceforge.net/projects/mod-antiloris/files/mod_antiloris-0.4.tar.bz2

tar -xvjf mod_antiloris-0.4.tar.bz2

cd mod_antiloris-*

apxs -a -i -c mod_antiloris.c (if this command do not work use apxs2 instead)

2) Now restart Apache

service httpd restart

3) check whether mod_antiloris loaded or not

httpd -M | grep antiloris

Note if you are using cpanel server then you have to run the below command to make sure new modification are updated into configuration system file

/usr/local/cpanel/bin/apache_conf_distiller –update

About the author

Luka Paunovic

I am Linux System Administrator and student of Business economics at John Naisbitt University.
Love to blog and read blogs.