60 is a good overall value, but as you said it yourself, setting it too low will cause problems with long running cgi scripts, set it to a logical value according to *YOUR* needs. There is no magic value for timeout, really.
El lun., 16 nov. 2015 a las 17:50, Rose, John B (<[email protected]>) escribió: > Looking in the Security Tips document for Apache this is said … > > - The TimeOut <https://httpd.apache.org/docs/2.4/mod/core.html#timeout> > directive > should be lowered on sites that are subject to DoS attacks. Setting this to > as low as a few seconds may be appropriate. As TimeOut > <https://httpd.apache.org/docs/2.4/mod/core.html#timeout> is currently > used for several different operations, setting it to a low value introduces > problems with long running CGI scripts.' > > The default is 60 seconds, I have had a discussion where I was told maybe > 2-5 seconds is a good setting. > > What is commonly used nowadays in 2.4 on robust networks and architectures? > > thanks >
