Ian Morgan <[EMAIL PROTECTED]> writes: > >From the 1.3.23 ChangeLog: > > > (eg, one attack mode of the Nimda worm is to establish a connection to the > > server but not send an HTTP request. This connection will be timed out > > according to the setting of the Timeout directive, 300 seconds) > > Well, they seem to recognize the problem, anyways. Anybody know why this > patch isn't being accepted? It works like a charm.
IIRC, it added to the server_rec which would require an API MMN bump, and I think somebody mentioned that on the list. Maybe you addressed that, maybe I'm extremely confused, maybe both. I tried to verify but (see next comment) > Download: > http://www.webcon.net/opensource/apache/apache_1.3.23_recv_timeout.patch --->bad URL bad URL on the page mentioned previously too Is this in 2.0 yet? I think that lots of people think it is cool and appropriate for Apache. The question (IIRC) is which release. I don't think there is any question that an appropriate patch for 2.0 would have an easy time. -- Jeff Trawick | [EMAIL PROTECTED] | PGP public key at web site: http://www.geocities.com/SiliconValley/Park/9289/ Born in Roswell... married an alien...
