simono41/fail2ban-prometheus-exporter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix: set http server timeouts (!91)

Browse source 
* Set timeout values when configuring the HTTP server to mitigate "Slowloris" vulnerability

https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/merge_requests/91
This commit is contained in:
Hector 2023-06-21 11:09:39 +00:00
parent 1eec68b49b
commit 37b67643e8
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
server/server.go
View file

@ -3,6 +3,7 @@ package server
import ( import (
"log" "log"
"net/http" "net/http"
"time"
"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg" "gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg"
"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/textfile" "gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/textfile"
@ -26,7 +27,14 @@ func StartServer(
svrErr := make(chan error) svrErr := make(chan error)
go func() { go func() {
svrErr <- http.ListenAndServe(appSettings.MetricsAddress, nil) httpServer := &http.Server{
Addr: appSettings.MetricsAddress,
ReadHeaderTimeout: 10 * time.Second,
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
IdleTimeout: 30 * time.Second,
}
svrErr <- httpServer.ListenAndServe()
}() }()
log.Print("ready") log.Print("ready")
return svrErr return svrErr