Potential vulnerability is found as part of slowloris(type of DOS tool) testing on Grafana. Details as below.
Are there any configuration is recommended to medigate this?
|IR-Slowloris-10102|Apache httpd allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
|ScanType: Denial Of Service
Test Reported ServiceName: http Description: The attack leave huge number of HTTP threads in hung state. The system should have capability to detect slow HTTP requests and discard them. Also system should be able to recover the system once the attack stops