[Mongrel] http keep-alive?
rogerpack2005 at gmail.com
Fri Sep 14 20:04:16 EDT 2007
I read this in a previous post (
First, Mongrel accepts remote clients and creates one Thread for each
request. Mongrel also enforces a single request/response using
Connect:close headers because Ruby only supports 1024 files (so far). If
Mongrel doesn't do this then people like yourself can write a simple
"trickle attack" client that hits the Mongrel server, opens a bunch of
continuous connections, and then eat up all available files very quickly.
Basically, a DDoS attack that's very simple to do.
Is this still a problem? If it is, I think it might be sweet if it were
optional (then load balancer's could keep open connections--if only load
balancers can hit it...). Just a thought :)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Mongrel-users