> Slow Loris can be avoided by putting a proxy capable of buffering > requests until completion between the app server and the web, right?
Yes, use nginx or similar. Slowloris is generally not a problem when that is properly configured. > That seems like a simpler workaround than arch upgrade or replacing > dict implementation. This problem has nothing to do with slowloris. Replacing dict implementation prevents an attacker from producing keys which are intentionally n^2 hard for dictionary operations. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.