Welcome! Log In Create A New Profile

Re: Slow read attack in HTTP/2

Forum List Message List New Topic Print View

Valentin V. Bartenev

August 19, 2016 08:00AM

On Friday 19 August 2016 17:06:41 Sharan J wrote:
> Hi,
>
> Would like to know what timeouts should be configured to mitigate slow read
> attack in HTTP/2.
>

A quote from the commit:

| Now almost all the request timeouts work like in HTTP/1.x connections, so
| the "client_header_timeout", "client_body_timeout", and "send_timeout" are
| respected. These timeouts close the request.

and the documentation links:

http://nginx.org/r/client_header_timeout
http://nginx.org/r/client_body_timeout
http://nginx.org/r/send_timeout

> Referred ->
> https://trac.nginx.org/nginx/changeset/4ba91a4c66a3010e50b84fc73f05e84619396885/nginx?_ga=1.129092111.226709851.1453970886
>
> Could not understand what you have done when all streams are stuck on
> exhausted connection or stream windows. Please can you explain me the same.
[..]

Each stream has its own timeout configured by the directives mentioned above.
If there's no progress on a stream during one of these timeouts then the stream
is closed.

wbr, Valentin V. Bartenev

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Slow read attack in HTTP/2	Sharan J	August 19, 2016 07:46AM
Re: Slow read attack in HTTP/2	Valentin V. Bartenev	August 19, 2016 08:00AM
Re: Slow read attack in HTTP/2	Sharan J	August 19, 2016 08:40AM
Re: Slow read attack in HTTP/2	Валентин Бартенев	August 19, 2016 09:54AM
Re: Slow read attack in HTTP/2	Sharan J	August 22, 2016 03:12AM
Re: Slow read attack in HTTP/2	Valentin V. Bartenev	August 22, 2016 06:14AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 208

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018