Probably not, but as we specify the time-outs to allow all normal
requests (we hope), I'd like to be warned when an attack occurs, but
also if one of my genuine customers is blocked (to possibly fine-tunes
the time-outs).
Another option would be to set an environment variable, so I could check
it and handle my notification manually.
On 9/2/2011 18:13, Eric Covener wrote:
On Wed, Feb 9, 2011 at 10:28 AM, Nick Gearls<nickgea...@gmail.com> wrote:
Hello,
When an attack (timeout) is detected, it is logged at the info level.
Shouldn't this be considered as a warning?
Can it know when one of the timeouts looks malicious vs. just being delayed?
