You are here


Neutralizing Slowloris attacks with NIO

Most of the time, web attacks rely on perverted use of protocols or pernicious effects of a technical possibility. For example, web servers are implemented to accept both fast and slow clients and treat them equally, but nobody would expect to have at the same time a huge amount of extremely slow clients. If this happened, this would lead the "old-style" server (1 thread for 1 connection) to get frozen.

Protecting your Tomcat with the Security Manager

Tomcat comes with a Security Manager which provides some protection against hacking. Of course, it's not a full layer-7 firewall but at least it provides file access and network checking, for free. With this, we can somehow protect our website against defacement, intrusion, and service denial. Now, let's see how to configure it easily.

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer