Slow HTTP POST vulnerability

Martin Kruger 1 Reputation point
2021-02-18T15:56:16.223+00:00

We have performed a scan with Qualys on our sites hosted on an Azure app service. The scan comes back with a Slow HTTP POST vulnerability every time the scan runs. We have tried all the recommendations of applying XDT Transform on the applicationHost.config file in the limits and webLimits elements. We have played with all the attributes in RequestLimits, specifically the maxAllowedContentLength, maxQueryString, and maxUrl attributes, but the scan still comes back with the vulnerability. Any help in resolving this problem would be greatly appreciated.

Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.

1 answer

  1. Ryan Hill 22,751 Reputation points Microsoft Employee
    2021-02-24T04:04:51.457+00:00

    Hi @Martin Kruger ,

    I'm assuming you used https://blog.qualys.com/vulnerabilities-research/2011/11/02/how-to-protect-against-slow-http-attacks to determine which settings you can/should adjust and are still encountering the error. I would advise isolating the request and identifying the client that's causing these slow requests. https://blog.qualys.com/vulnerabilities-research/2011/07/07/identifying-slow-http-attack-vulnerabilities-on-web-applications lists out some suggestions on how to identify slow requests if you haven't seen it already. I also suggest enabling Application Insights to gain more visibility into the contents and performance of requests that are slower than others. If you have already done these steps, then please reply in a comment down below.

    Regards,
    Ryan

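Added example, not part of the original thread or written by either poster: one way to carry out the isolation step suggested in the answer, by scanning IIS W3C extended logs for POST requests that stayed open a long time while sending few bytes, grouped by client IP. The sample log lines, the choice of logged fields and both thresholds are constructed assumptions; adjust them to the fields your site actually logs.

```python
from collections import defaultdict

# Constructed sample in IIS W3C extended log format (not from the thread).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time cs-method cs-uri-stem c-ip sc-status cs-bytes time-taken
2021-02-18 15:40:01 POST /api/upload 203.0.113.7 200 5242880 2100
2021-02-18 15:40:05 POST /login 198.51.100.23 400 310 118000
2021-02-18 15:40:09 GET /index.html 203.0.113.7 200 420 35
2021-02-18 15:41:12 POST /login 198.51.100.23 400 295 120500
2021-02-18 15:41:30 POST /contact 192.0.2.44 200 900 450
"""

MIN_SECONDS = 30        # assumed threshold: ignore requests shorter than this
MIN_BYTES_PER_SEC = 50  # assumed threshold: slower uploads count as "slow"


def slow_posts(log_text, min_seconds=MIN_SECONDS, min_rate=MIN_BYTES_PER_SEC):
    """Return {client_ip: [(uri, seconds, bytes_per_sec), ...]} for slow POSTs."""
    fields, hits = [], defaultdict(list)
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]   # column names follow the directive
            continue
        if not line or line.startswith("#") or not fields:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue                    # skip malformed or truncated rows
        row = dict(zip(fields, parts))
        if row.get("cs-method") != "POST":
            continue
        try:
            seconds = int(row["time-taken"]) / 1000.0  # time-taken is in ms
            sent = int(row["cs-bytes"])                # bytes sent by client
        except (KeyError, ValueError):
            continue                    # required field missing or non-numeric
        rate = sent / seconds if seconds else float("inf")
        if seconds >= min_seconds and rate < min_rate:
            hits[row["c-ip"]].append((row["cs-uri-stem"], seconds, round(rate, 1)))
    return dict(hits)


if __name__ == "__main__":
    for ip, reqs in slow_posts(SAMPLE_LOG).items():
        print(ip, len(reqs), reqs)
```

The `cs-bytes` and `time-taken` fields must be enabled in the site's logging configuration for this to work; a large upload that finishes quickly is not flagged because the rate check and the duration check must both match.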