Because of information security policy, vulnerability scanning must be done using IPS.
The vulnerability scan results are as follows.
How do I repair it?
HTTP Server Prone To Slow Denial Of Service Attack
A denial of service vulnerability is present in some HTTP servers.
Upgrade the Apache HTTP Server to the latest version that has "mod_reqtimeout" module support available by default.
Then enable the module "mod_reqtimeout" and configure it to set the timeout and minimum data rate for receiving requests.
An example configuration is as below:
For customers who are not ready to use the "mod_reqtimeout" module, a workaround is to decrease the "Timeout" setting for Apache to 10 seconds or less, instead of the default
5 minutes (300 seconds), in the Apache web server configuration file.
Particular considerations have to be taken into account depending on each organization and the type of clients expected to connect to their web servers.
HTTP servers that use the asynchronous I/O technique are not vulnerable to this attack. Some of those servers are: lighttpd, nginx, Apache's experimental event MPM, IIS 6,
IIS7, Cherokee, etc.
Apache HTTP Server is a widely used Web server. Apache, like other Web servers, binds each connection to a different process or thread.
A denial of service vulnerability is present in some HTTP servers. The DoS occurs because the server allows incomplete connections to stay open for an unnecessary period
of time. Processes are a limited resource, and thus the server cannot have infinite connections but instead a limited number of clients connected at the same time. The attacker
will create multiple slow incomplete connection requests to the server, causing it to reach the connection limit and making the server stop responding to other legit requests.
Common Vulnerabilities & Exposures (CVE) Link:
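
One way to check a configuration file against the two remediations in the report (explicit `RequestReadTimeout` limits, or a `Timeout` of 10 seconds or less). This is an added example, not part of the original post or of the scanner output; the sample configurations, the `audit` function and the `www.example.test` name are constructed for illustration, and the 300-second default is the figure quoted in the report.

```python
import re

# Constructed sample configurations (not taken from the scan report).
WEAK_CONF = """\
ServerName www.example.test
Timeout 300
"""
HARDENED_CONF = """\
LoadModule reqtimeout_module modules/mod_reqtimeout.so
Timeout 10
RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
"""

# One stage of RequestReadTimeout: stage=timeout[-maxtimeout][,MinRate=rate]
STAGE = re.compile(r"\b(header|body)=(\d+)(?:-\d+)?(?:,MinRate=\d+)?", re.I)

def audit(conf_text, max_timeout=10, default_timeout=300):
    """Return findings for one flat config file (Include is not followed).

    max_timeout and default_timeout are the values quoted in the report.
    """
    timeout, stages = default_timeout, {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # Apache comments start the line
            continue
        parts = line.split(None, 1)
        name = parts[0].lower()
        args = parts[1].strip() if len(parts) > 1 else ""
        if name == "timeout" and args.isdigit():
            timeout = int(args)                 # last occurrence wins here
        elif name == "requestreadtimeout":
            for m in STAGE.finditer(args):
                stages[m.group(1).lower()] = int(m.group(2))
    findings = []
    if not stages:
        # Workaround path: no explicit per-stage limits, so Timeout must be short.
        if timeout > max_timeout:
            findings.append(f"no RequestReadTimeout and Timeout is {timeout}s")
        return findings
    for stage in ("header", "body"):
        # Absent (the version's default applies) or 0 (limit disabled).
        if stages.get(stage, 0) == 0:
            findings.append(f"RequestReadTimeout sets no explicit {stage} limit")
    return findings

if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label, audit(conf) or "ok")
```

After changing the real configuration, validate it with `apachectl configtest` before reloading the server.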