General settings
You can configure slow HTTP protection and set the TLS version.
Slow HTTP protection settings
Slow HTTP attacks are denial-of-service (DoS) attacks in which the attacker sends HTTP requests in pieces slowly, one at a time, to a web server. If an HTTP request is not complete or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. When the server’s concurrent connection pool reaches its maximum, this creates a DoS.
Slow HTTP protection helps to protect against Slow HTTP attacks by setting a time-out for request headers.
- Soft limit
- Minimum amount of time to receive a request header.
- Hard limit
- Maximum amount of time to receive the request header.
- Extension rate
- Amount of data, in bytes, to extend the time-out set by the soft limit. Every time the rate is exceeded, the soft limit is increased by one second.
- Skipped networks/hosts
- Networks or hosts that should not be affected by Slow HTTP protection.
TLS version settings
Select the TLS version required to connect to the WAF.