shekyan / slowhttptest

Application Layer DoS attack simulator
Apache License 2.0

URL still accessible #78

Open springleo opened 1 year ago

springleo commented 1 year ago

I deployed https://tomcat.apache.org/tomcat-7.0-doc/appdev/sample/sample.war in my Tomcat v9.0.71 hosted on a local Windows 10 PC. I have changed the server.xml as follows:

<Connector maxPostSize="1048576"
               scheme="http"
               SSLEnabled="false"
               address="127.0.0.1"
               disableUploadTimeout="false" 
               acceptorThreadCount="10"
               compression="on"
               maxConnections="60000"
               maxThreads="500"
               processorCache="60000"
               maxHttpHeaderSize="49152"
               maxHeaderCount="25"
               port="8080" 
               protocol="org.apache.coyote.http11.Http11NioProtocol" 
               connectionUploadTimeout="20000"
               connectionTimeout="20000" />

But when checked using the slowhttptest Docker image, it fails on the 5th second. However, I noticed that even though "service available: " turns to "no" and the program exits, the URL is still accessible using a browser incognito window. Is that expected?

I also tried with nginx front-ending the Tomcat web server, using the following nginx.conf:

worker_processes  1;
worker_rlimit_nofile 8192;
events {
    worker_connections  1024;
    multi_accept on;
}

http {
    access_log off;
    autoindex off;
    ###########################################
    # Default round robin load balancing config
    ###########################################
    upstream my_tomcat_setup {
        server localhost:8080 max_conns=150;
    }
    limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;
    limit_conn_zone $binary_remote_addr zone=addr:10m;
    server {
        listen 80;
        listen [::]:80;
        client_body_timeout 5s;
        client_header_timeout 5s;
        location / {
            proxy_redirect      off;
            proxy_set_header    X-Real-IP $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto $scheme;
            proxy_set_header    Host $host;
            proxy_pass          http://my_tomcat_setup;
            limit_req zone=one;
            limit_conn addr 10;
        }
    }
    client_header_buffer_size 1k;
    client_body_buffer_size 16k;    # 8k for 32-bit or 16k for 64-bit platform
    client_max_body_size 1m;
    large_client_header_buffers 4 8k;
}

Any clues will be hugely appreciated.

Thanks.
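
Added example, not part of the original issue and not slowhttptest code: a single-connection check that measures how long a server keeps a connection with an unfinished request header open, which is what `connectionTimeout="20000"` and `client_header_timeout 5s` in the configs above are meant to bound. `measure_header_timeout` and `start_demo_server` are hypothetical names, and the demo server is a constructed local stand-in so the block runs offline.

```python
import socket
import threading
import time

def measure_header_timeout(host, port, max_wait=30.0):
    """Send an unfinished request header on ONE connection; return seconds until
    the server closes it, or None if nothing happens within max_wait."""
    start = time.monotonic()
    with socket.create_connection((host, port), timeout=max_wait) as s:
        # Header block is never terminated: the final blank line is withheld.
        s.sendall(b"GET / HTTP/1.1\r\nHost: " + host.encode() + b"\r\n")
        try:
            while s.recv(4096):  # drain anything sent before the close
                pass
        except socket.timeout:
            return None          # server never gave up within max_wait
        except ConnectionResetError:
            pass                 # a reset also counts as the server closing
    return time.monotonic() - start

def start_demo_server(header_timeout):
    """Constructed local stand-in (assumption, not Tomcat or nginx): drops a
    connection whose header is incomplete after header_timeout seconds."""
    srv = socket.create_server(("127.0.0.1", 0))

    def handle(conn):
        conn.settimeout(header_timeout)
        buf = b""
        try:
            while b"\r\n\r\n" not in buf:
                chunk = conn.recv(4096)
                if not chunk:
                    break
                buf += chunk
            else:  # header completed in time
                conn.sendall(b"HTTP/1.1 204 No Content\r\nConnection: close\r\n\r\n")
        except socket.timeout:
            pass
        finally:
            conn.close()

    def accept_loop():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn,), daemon=True).start()

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv

if __name__ == "__main__":
    demo = start_demo_server(1.0)
    print(measure_header_timeout("127.0.0.1", demo.getsockname()[1], max_wait=5.0))
```

To compare against the values configured in this issue, run it against your own port 8080 (Tomcat) and port 80 (nginx) with `max_wait` set above the configured timeout.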