On 26 Jan 2002, Jeff Trawick wrote: > Ian Morgan <[EMAIL PROTECTED]> writes: > > > >From the 1.3.23 ChangeLog: > > > > > (eg, one attack mode of the Nimda worm is to establish a connection to the > > > server but not send an HTTP request. This connection will be timed out > > > according to the setting of the Timeout directive, 300 seconds) > > > > Well, they seem to recognize the problem, anyways. Anybody know why this > > patch isn't being accepted? It works like a charm. > > IIRC, it added to the server_rec which would require an API MMN bump, > and I think somebody mentioned that on the list.
Ah, that's reasonable I suppose. I had not seen any such comment on the list, but I suppose I may have misesd it. Anybody have any ideas on how to implement this without touching server_rec? (Who uses binary modules across versions without recompiling!?) > > Download: > > http://www.webcon.net/opensource/apache/apache_1.3.23_recv_timeout.patch > > --> BAD URL Oops.. Sorry. Mixed up a "-" and an "_". It's accessible now. > Is this in 2.0 yet? Don't think so. There seems to be some form of support for a variety of different timeouts is 2.0.x, but when I last looked, I don't think there was one that handles this type of timeout for receives only. Of course, I'd be happy to stand corrected. Regards, Ian Morgan -- ------------------------------------------------------------------- Ian E. Morgan Vice President & C.O.O. Webcon, Inc. [EMAIL PROTECTED] PGP: #2DA40D07 www.webcon.net -------------------------------------------------------------------
