Public bug reported:
Apache Httpd provides a well-tested way to limit the size of the request body via the LimitRequestBody directive, see http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody . This is an important option for a secure deployment since it prevents clients from crashing the server by sending large requests, causing a DoS. As such, keystone's sample httpd file should specify LimitRequestBody so that deployers know to set it. ** Affects: keystone Importance: Undecided Assignee: Brant Knudson (blk-u) Status: In Progress -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1481048 Title: Sample httpd config should have LimitRequestBody Status in Keystone: In Progress Bug description: Apache Httpd provides a well-tested way to limit the size of the request body via the LimitRequestBody directive, see http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody . This is an important option for a secure deployment since it prevents clients from crashing the server by sending large requests, causing a DoS. As such, keystone's sample httpd file should specify LimitRequestBody so that deployers know to set it. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1481048/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
