Logging Timeout'd Request in Apache 2.X
Posted
by
m3rLinEz
on Server Fault
See other posts from Server Fault
or by m3rLinEz
Published on 2011-03-14T07:26:22Z
Indexed on
2011/03/14
8:12 UTC
Read the original article
Hit count: 489
Hello,
I am migrating some applications from Apache 1.3 to 2.2.
We used to run some tests where attacker opens some HTTP connection to our server, and do nothing. Apache 1.3 would log the following 408 code, for example:
126.1.86.85 - - [01/Dec/2010:06:26:19 +0000] "-" 408 - "-" 0
126.1.86.85 - - [01/Dec/2010:06:26:19 +0000] "-" 408 - "-" 0
But with Apache 2.2, nothing is logged to the log file. I run the same test by using netcat to open the connection:
$ nc IP_victim PORT_victim
$ nc 10.42.37.3 80
I would like to have Apache 2.2 log the same 408 code to the log file, so that we would know of attempted DoS attack from the outside. Do I need any more configuration in Apache 2 to enable this?
I have tried some different configurations such as LogLevel = Debug, Timeout 30, RequestReadTimeout header=10 body=30.
Thanks.
© Server Fault or respective owner