web-manager slow-attack timeout

Function

The web-manager slow-attack timeout command sets the timeout period for defense against HTTP slow attack packets on the web server.

The undo web-manager slow-attack timeout command restores the default timeout period for defense against HTTP slow attack packets on the web server.

Format

web-manager slow-attack timeout timeout

undo web-manager slow-attack timeout

Parameters

Parameter	Description	Value
timeout	Specifies the timeout period for defense against HTTP slow attack packets on the web server.	The value is an integer ranging from 1 to 60, in seconds.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

The default timeout period for defense against HTTP slow attack packets on the web server is 30s.

The web-manager slow-attack timeout command takes effect only after the web-manager slow-attack defend enable command is run.

After the web-manager slow-attack timeout command is run, the FW can defend against the following types of HTTP slow attacks:

HTTP GET/POST packet headers do not have the terminator.
Defense method: If the server does not receive the header terminator of the HTTP GET/POST packet within the configured timeout period, the FW will cut off the HTTP connection.
After the server responds to the HTTP request from the client, the client sends messages to the server for a long time, indicating that the client does not have a buffer for receiving data.
Defense method: If the server does not receive the header terminator of the HTTP GET/POST packet within the configured timeout period, the FW will cut off the HTTP connection.

Example

# Set the timeout period for defense against HTTP slow attack packets on the web server to 20s.

<sysname> system-view
[sysname] web-manager slow-attack defend enable
[sysname] web-manager slow-attack timeout 20