General Settings

You can activate SlowHTTP protection and define the TLS version.

The SlowHTTP Protection page helps to protect against Slow HTTP attacks by setting a time-out for request headers.
  1. Go to Device Configuration > Protect > Web Server > General Settings.
  2. Specify the details for SlowHTTP Protection:
    Timeout for request headers
    Enable to activate SlowHTTP Protection.
    Soft limit
    Enter the minimum amount of time in second(s) to receive a request header.
    Default value: 10.
    Hard limit
    Enter the maximum amount of time in seconds(s) to receive a request header.
    Defaut value: 30.
    Extension rate
    Enter the amount of data volume in byte(s) which extends the time-out.
    With the extension rate, you can increase the minimal time-out according to the data volume. For example, the soft limit allows at least 10 seconds to receive request headers, the extension rate is 500, and the hard limit is set to 30. If the client now sends data, the soft limit time-out increases 1 second for every 500 bytes received. After 30 seconds the client will be disconnected.
    Default value: 5000.
    Skipped Networks/Hosts
    Select or add networks/hosts that should not be affected by SlowHTTP Protection.
  3. Click Apply.

TLS Version Settings

  1. Select the minimal TLS version that is allowed to connect to the WAF.
    If you select TLS version 1.2, clients using Microsoft Internet Explorer 6, 7, or 8, or Microsoft Windows XP will not be able to connect to the WAF.
  2. Click Apply.