luzifer/twitch-bot
1
0
Fork 0
mirror of https://github.com/Luzifer/twitch-bot.git synced 2024-11-09 08:40:01 +00:00
Code Issues Projects Releases Wiki Activity

Lint / SEC: Add mitigation for slowloris DoS attack vector

Browse source 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2022-09-06 00:35:40 +02:00
parent e259ca209c
commit 6210646351
Signed by: luzifer
GPG key ID: 0066F03ED215AD7D
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
main.go
View file

@ -32,6 +32,8 @@ const (
initialIRCRetryBackoff = 500 * time.Millisecond initialIRCRetryBackoff = 500 * time.Millisecond
ircRetryBackoffMultiplier = 1.5 ircRetryBackoffMultiplier = 1.5
maxIRCRetryBackoff = time.Minute maxIRCRetryBackoff = time.Minute
httpReadHeaderTimeout = 5 * time.Second
) )
var ( var (
@ -252,7 +254,12 @@ func main() {
log.WithError(err).Fatal("Unable to open http_listen port") log.WithError(err).Fatal("Unable to open http_listen port")
} }
go http.Serve(listener, router) server := &http.Server{
ReadHeaderTimeout: httpReadHeaderTimeout, // gosec: G114 - Mitigate "slowloris" DoS attack vector
Handler: router,
}
go server.Serve(listener)
log.WithField("address", listener.Addr().String()).Info("HTTP server started") log.WithField("address", listener.Addr().String()).Info("HTTP server started")
checkExternalHTTP() checkExternalHTTP()