Hi, Why not only dropping this "Range:bytes=0-" header?
cheers 2011/8/22 Levente Peres <[email protected]>: > Hello, > > There're a number of webserver-mace apps on the net, the newest that I heard > of being the so called "Apache killer" script I saw a few days agon on Full > disclosure... Here you can see a demonstration of what it does. Also, I've > attached the script itself. > > http://www.youtube.com/watch?v=fkCQZaVjBhA > > I believe we should discuss some possibilities about how to configure > HAProxy to protect Apache backends as much as possible, or at least mitigate > such attacks? Any ideas? > > Cheers, > > Levente >
