diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2021-02-06 08:29:41 -0500 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2021-02-06 08:29:41 -0500 |
commit | 4a600dabd5e2799bf0c3048859ee4f00808b7d89 (patch) | |
tree | 6b83af891955bc4126150a0fa28d2e5bd8e814ef /src/reqpool.c | |
parent | dc4ff14c1f245435d597b5caaba742534795a1e1 (diff) | |
download | lighttpd-git-4a600dabd5e2799bf0c3048859ee4f00808b7d89.tar.gz |
[mod_auth] close HTTP/2 connection after bad pass
mitigation slows down brute force password attacks
x-ref:
"Possible feature: authentication brute force hardening"
https://redmine.lighttpd.net/boards/3/topics/8885
Diffstat (limited to 'src/reqpool.c')
-rw-r--r-- | src/reqpool.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/reqpool.c b/src/reqpool.c index 84229388..4ced1202 100644 --- a/src/reqpool.c +++ b/src/reqpool.c @@ -58,6 +58,7 @@ request_reset (request_st * const r) http_response_reset(r); r->loops_per_request = 0; + r->keep_alive = 0; r->h2state = 0; /* H2_STATE_IDLE */ r->h2id = 0; |