git clone https://github.com/gkbrk/slowloris.git
python3 slowloris.py example.com
For my blog I’m using CloudFlare DNS, so my IP is hidden behind their DNS servers. But if you know victims IP address or domain is resolving IP address, then you can have fun. But be aware, making this attacks is illegal!
This “slow” attack can be prevented using other web servers (during writing this post I found python script to attack NGINX web server) or using providers who protects you from DDOS. Guy at funtoo suggested to use load balancer or block connections with iptables.
iptables -A INPUT -p tcp –syn –dport 80 -m connlimit –connlimit-above 100 -j DROP
I tried to block Slow Loris attack with iptables, but in the end the web server still had a lot of threads and page was down. Googling about Slow Loris prevention, I found page Bed Against The Wall and writer recommends using mod_antiloris and mod_limitipconn for apache and fail2ban. This will follow in the next step.