Preventing "Slow HTTP" Attacks


This article applies to:

  • WAF 8.0

Question:

  • Can Trustwave WAF detect and mitigate "slow HTTP" attacks?

Information:

Yes, WAF 8.0 and above can detect, report, and prevent slow client Denial of Service (DoS) attacks, where an attacker deliberately sends multiple partial HTTP requests to the server. 

In such an attack, the client attempts to consume server resources by slowing the request or response, holding connections and memory resources open on the server for a long time, but without triggering session time-outs. This behavior can make the server unable to respond to legitimate requests from other clients.


Last Modified 1/23/2017.
https://support.trustwave.com/kb/KnowledgebaseArticle20755.aspx