Posted Jun 25, 2009 4:53 UTC (Thu) by khim
In reply to: Apache attacked by a "slow loris"
Parent article: Apache attacked by a "slow loris"
So the easy solution, I suppose, is just to use Lighttpd or
something like that as a reverse proxy for your Apache
If you look at the latest survey
you'll find out that millions are already running
"something like that". Nginx was designed from the ground up to work in such a
situation - if you know your Apache process usually generates a page 100K in
size you can specify this as the buffer size to nginx and then your "real"
will be freed in milliseconds and when occasional long page will be
nginx will wait for the backend. Lighttpd uses a similar architecture, but it's
less configurable when used as an http-accelerator.
And of course when you send static pages it makes perfect sense to use
sendfile(2) and forget about everything (nginx does more or less that -
a few small structures to handle "keep alive" connections).
That's why I cannot see what so important has happened: this is a
well-known Apache problem but while it cannot be solved with Apache alone
it can be solved with additional software - and has been solved for years
by real admins on millions of systems.
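The setup this comment describes, written out as an nginx configuration. This is an added example, not part of khim's comment: the backend address 127.0.0.1:8080, the host name, the paths and every timeout and buffer value are assumptions to adjust for a real site.

```nginx
# Added example: nginx as a buffering reverse proxy in front of Apache.
# Assumed: Apache listens only on 127.0.0.1:8080; all values are placeholders.
events {
    worker_connections 4096;    # one event-driven worker holds thousands of slow sockets
}

http {
    sendfile          on;       # static files are sent with sendfile(2)
    keepalive_timeout 15s;      # idle keep-alive clients never occupy an Apache process

    # Slow or never-finished requests are held and timed out here.
    # nginx reads the complete request header before it contacts the backend.
    client_header_timeout 10s;
    client_body_timeout   10s;
    send_timeout          30s;  # drop clients that stop reading the response

    server {
        listen      80;
        server_name www.example.com;

        # Static content is served by nginx and never reaches Apache.
        location /static/ {
            root /var/www/example;
        }

        location / {
            proxy_pass       http://127.0.0.1:8080;
            proxy_set_header Host            $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

            # Size the in-memory buffers to the typical page (about 100K in the
            # comment) so Apache hands over the whole response and is released
            # while nginx feeds it to the client at the client's pace.
            proxy_buffering   on;
            proxy_buffer_size 8k;     # first part of the response (headers)
            proxy_buffers     16 8k;  # 128k of body buffers per connection

            # Responses larger than the buffers are spooled to a temporary
            # file by default (see proxy_max_temp_file_size).
        }
    }
}
```

With this in place Apache should accept connections only from the proxy (for example by binding it to the loopback address), otherwise clients can still reach it directly.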