fix: set http server timeouts (!91)
* Set timeout values when configuring the HTTP server to mitigate "Slowloris" vulnerability https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/merge_requests/91
This commit is contained in:
parent
1eec68b49b
commit
37b67643e8
@ -3,6 +3,7 @@ package server
|
|||||||
import (
|
import (
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"time"
|
||||||
|
|
||||||
"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg"
|
"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg"
|
||||||
"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/textfile"
|
"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/textfile"
|
||||||
@ -26,7 +27,14 @@ func StartServer(
|
|||||||
|
|
||||||
svrErr := make(chan error)
|
svrErr := make(chan error)
|
||||||
go func() {
|
go func() {
|
||||||
svrErr <- http.ListenAndServe(appSettings.MetricsAddress, nil)
|
httpServer := &http.Server{
|
||||||
|
Addr: appSettings.MetricsAddress,
|
||||||
|
ReadHeaderTimeout: 10 * time.Second,
|
||||||
|
ReadTimeout: 10 * time.Second,
|
||||||
|
WriteTimeout: 10 * time.Second,
|
||||||
|
IdleTimeout: 30 * time.Second,
|
||||||
|
}
|
||||||
|
svrErr <- httpServer.ListenAndServe()
|
||||||
}()
|
}()
|
||||||
log.Print("ready")
|
log.Print("ready")
|
||||||
return svrErr
|
return svrErr
|
||||||
|
Loading…
Reference in New Issue
Block a user