Slow attack vulnerability

I have a site which returned the following vulnerability on one specific page.
How can I prevent it?

#1 Response
Export...Vulnerable to slow HTTP POST attack
Connection with partial POST body remained open for: 305297 milliseconds
Server resets timeout after accepting request data from peer.
Asked by: Aleks

pateljitu Commented:
"Vulnerable to slow HTTP POST attack" (a.k.a. DoS): this vulnerability may result in a Denial of Service attack. As indicated by the error, there are certain POST requests which are taking 5 minutes to complete, in which case, if thousands of simultaneous requests are made, it would result in your server responding very slowly and becoming unresponsive (DoS).

Please see the following article explaining the vulnerability and a possible fix by changing IIS settings. The other solution is to work with a WAF, which would help detect and prevent DoS attacks.

https://community.qualys.com/blogs/securitylabs/2011/07/07/identifying-slow-http-attack-vulnerabilities-on-web-applications

Recommended IIS settings (assuming you have IIS web server):
http://cagdasulucan.blogspot.ca/2013/02/iis-recommendations-against-slow-http.html

https://community.qualys.com/blogs/securitylabs/2011/11/02/how-to-protect-against-slow-http-attacks

Web Application Firewall (WAF):
http://www.applicure.com/Products/dotdefender
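
The scanner line "Server resets timeout after accepting request data from peer" is the detail that matters when tuning timeouts. The following Python model is an added example (not from this thread or the linked articles); the function names are hypothetical and the timelines and thresholds are constructed. It compares a timer that restarts on every received chunk with an absolute body deadline plus a minimum data rate.

```python
# Added example: models server-side body-read timeout policies.
# All timelines and thresholds below are constructed for illustration.

def close_time_idle_reset(chunks, content_length, idle_ms):
    """Timer restarts on every received chunk (the behaviour the scanner flagged).
    chunks: list of (arrival_ms, size), measured from the end of the headers.
    Returns the ms at which the server drops the connection, or None if the
    body completes."""
    last, got = 0, 0
    for at_ms, size in chunks:
        if at_ms - last > idle_ms:
            return last + idle_ms
        last, got = at_ms, got + size
        if got >= content_length:
            return None
    return last + idle_ms  # peer went silent; idle timer finally fires


def close_time_hardened(chunks, content_length, idle_ms, total_ms, min_bps, grace_ms):
    """Same idle timer, plus an absolute deadline for the whole body and a
    minimum average data rate enforced after a short grace period."""
    last, got = 0, 0
    for at_ms, size in chunks:
        deadline = min(last + idle_ms, total_ms)
        if at_ms > deadline:
            return deadline
        last, got = at_ms, got + size
        if got >= content_length:
            return None
        if at_ms >= grace_ms and got * 1000 / at_ms < min_bps:
            return at_ms  # too slow to be a plausible upload
    return min(last + idle_ms, total_ms)


# Constructed: 1 byte every 10 s for 300 s against a declared 1 MB body.
SLOW = [(t * 10_000, 1) for t in range(1, 31)]
# Constructed: ordinary client delivering 64 KiB in 200 ms.
NORMAL = [(50, 16384), (100, 16384), (150, 16384), (200, 16384)]
# Assumed thresholds, not values taken from IIS or the linked articles.
LIMITS = dict(idle_ms=120_000, total_ms=60_000, min_bps=500, grace_ms=5_000)

if __name__ == "__main__":
    print("idle-reset, slow :", close_time_idle_reset(SLOW, 1_000_000, 120_000))
    print("hardened,  slow :", close_time_hardened(SLOW, 1_000_000, **LIMITS))
    print("hardened, normal:", close_time_hardened(NORMAL, 65_536, **LIMITS))
```

With the idle-only policy the slow connection is held for the full duration of the trickle plus one idle period; the hardened policy drops it at the first chunk after the grace period while the normal upload is unaffected.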
Aleks (Author) Commented:
Excellent! Thanks!