ReadHeaderTimeout against Slowloris attack

daniel.42 · June 7, 2022, 8:24am

How can we set the ReadHeaderTimeout in Traefik to (somewhat) defend against Slowloris attacks?

Is it transport.respondingTimeouts.readTimeout ?

For completeness sake:
nginx: client_header_timeout (default 60s)
Apache: mod_reqtimeout (unset by default)
IIS: headerWaitTimeout (default 00:00:00)

cakiwi · June 7, 2022, 1:13pm

Looks like the one to use to me.

daniel.42 · June 7, 2022, 5:10pm

it does however include the body - which would make e.g. uploads a bit of a problem (for us at least) - right?

perfection would be a header-only timeout. but I believe the transport.respondingTimeouts.idleTimeout could be what we can use to deal - if I understand the attack correctly:

Topic		Replies	Views
What is the equivalent nginx timeouts in traefik? Traefik v2 (latest) middleware , cli	0	530	June 3, 2021
Traefik stops responding under load Traefik v2 (latest) kubernetes-crd , kubernetes-ingress	2	938	January 10, 2022
Troubleshoot 502 errors Traefik v2 (latest) kubernetes-crd	3	40	April 3, 2024
config IdleTimeout failure Traefik v1 docker , file , kubernetes-ingress	0	356	March 15, 2021
Equivalent of Apache "timeout" whe forwarding to a backend Traefik v1 consul	2	615	November 1, 2019

ReadHeaderTimeout against Slowloris attack

Related Topics