Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: mod_security crs_11_slow_dos_protection rule False Positive |
|
| Author |
|
pipetka
Joined: 31 Mar 2014
Posts: 1
|
 Posted: Mon 31 Mar '14 13:44 Post subject: mod_security crs_11_slow_dos_protection rule False Positive |
 |
|
Hi,
After modsecurity_crs_11_slow_dos_protection.conf rule activation I receive the following message in the browser:
The connection was reset
And have the following lines in the error.log
[:warn] [pid 4152:tid 1692] ModSecurity: Access denied with code 400. Too many threads [1920] of 250 allowed in READ state from 172.16.1.222 - Possible DoS Consumption Attack [Rejected]
It seems that the cause of such behavior is
SecReadStateLimit 250 variable in modsecurity_crs_11_slow_dos_protection.conf file.
Is that a normal having 1920 threads from one page in the browser? How can I resolve the issue?
Thank you in advance |
|
| Back to top |
|
Steffen
Moderator
Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU
|
|
| Back to top |
|
|
|
|
|
|
