Apache
Module mod_reqtimeout

Available
Languages: en

Directives

• RequestReadTimeout

Topics

• Examples

• Comments

Examples

1. Allow 10 seconds to receive
   the request including the headers and 30 seconds for receiving the request
   body:

   RequestReadTimeout
header=10 body=30



2. Allow at least 10 seconds
   to receive the request body. If the client sends data, increase the timeout by
   1 second for every 1000 bytes received, with no upper limit for the timeout
   (exept for the limit given indirectly by LimitRequestBody):

   RequestReadTimeout
body=10,MinRate=1000



3. Allow at least 10 seconds
   to receive the request including the headers. If the client sends data,
   increase the timeout by 1 second for every 500 bytes received. But do not
   allow more than 30 seconds for the request including the headers:

   RequestReadTimeout
header=10-30,MinRate=500



4. Usually, a server should
   have both header and body timeouts configured. If a common configuration is
   used for http and https virtual hosts, the timeouts should not be set too low:

   RequestReadTimeout
header=20-40,MinRate=500 body=20,MinRate=500

RequestReadTimeout Directive

This directive
can set various timeouts for receiving the request headers and the request body
from the client. If the client fails to send headers or body within the
configured time, a 408
REQUEST TIME OUT error is
sent.

For SSL
virtual hosts, the header timeout values include the time needed to do the
initial SSL handshake. If the user‘s browser is configured to query certificate
revocation lists and the CRL server is not reachable, the initial SSL handshake
may take a significant time until the browser gives up waiting for the CRL.
Therefore the header timeout values should not be set to very low values for SSL
virtual hosts. The body timeout values include the time needed for SSL
renegotiation (if necessary).

When an AcceptFilter is in use (usually the case on Linux
and FreeBSD), the socket is not sent to the server process before at least one
byte (or the whole request for httpready)
is received. The header timeout configured with RequestReadTimeout is only effective after the server
process has received the socket.

For each of
the two timeout types (header or body), there are three ways to specify the
timeout:

• Fixed
  timeout value:

  type=timeout

  The time in
  seconds allowed for reading all of the request headers or body, respectively.
  A value of 0 means no limit.



• Timeout
  value that is increased when data is received:

  type=timeout,MinRate=data_rate

  Same as
  above, but whenever data is received, the timeout value is increased according
  to the specified minimum data rate (in bytes per second).



• Timeout
  value that is increased when data is received, with an upper
  bound:

  type=timeout-maxtimeout,MinRate=data_rate

  Same as
  above, but the timeout will not be increased above the second value of the
  specified timeout range.

Available
Languages: en

Comments

Notice:
This is
not a Q&A section. Comments placed here should be pointed towards
suggestions on improving the documentation or server, and may be removed again
by our moderators if they are either implemented or considered
invalid/off-topic. Questions on how to manage the Apache HTTP Server should be
directed at either our IRC channel, #httpd, on Freenode, or sent to ourmailing lists.

RSS   Log in /
register

Anonymous 431 days ago Rating: 0 (register an account in order to rate comments)

Some third party modules that require an active connection, like apache-websockets, will fail due module. These connections could be sleeping for a time and when they wake up, the timeout close the connection.

covener 431 days ago Rating: 0 (register an account in order to rate comments)

Seems fixable via a some small pseudo-API (connection level note) to mark the conn as n/a for end to end mod_reqtimeout.

Apache Module mod_reqtimeout