28 lines
707 B
Plaintext
28 lines
707 B
Plaintext
#
|
|
# BEGIN: defaults-waf.cnf
|
|
#
|
|
defaults
|
|
mode http
|
|
option http-server-close
|
|
option dontlognull
|
|
option redispatch
|
|
# Since ulimit -n (-H) is patched in container
|
|
# HAProxy is supposed to adjust this value accordingly
|
|
# maxconn 2000
|
|
option tcpka # For the backends
|
|
option h1-case-adjust-bogus-client
|
|
timeout connect 5s # non-waf has 120s
|
|
# Slowloris protection
|
|
timeout http-request 15s
|
|
# By setting timeout http-request these values are shadowed?
|
|
# timeout client 120s
|
|
# timeout client-fin 120s
|
|
# timeout server 120s
|
|
# timeout tunnel 2h
|
|
timeout queue 30s
|
|
timeout tarpit 1m # tarpit hold time
|
|
backlog 8192 # Less or equal power of 2 is used
|
|
#
|
|
# END: defaults-waf.cnf
|
|
#
|