ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
I did not see this note being used in ModSecurity, though I'm not sure whether this is even applicable for ModSecurity or whether ModSecurity foregoes the lingering close completely.
Looking through the source code of
mod_reqtimeout
, I saw that it uses theshort-lingering-close
request note to considerably shorten the potential duration of a lingering connection close: https://github.com/apache/httpd/blob/trunk/modules/filters/mod_reqtimeout.c#L329-L335I did not see this note being used in ModSecurity, though I'm not sure whether this is even applicable for ModSecurity or whether ModSecurity foregoes the lingering close completely.