Menu
I have asp.Net MVC web application deployed on azure. And have some problems with Slow HTTP POST vulnerability. So I want to configure <\limits> to turn on connectionTimeout.
I can`t do this in Web.config (or mb just don`t know right place to write it). In guides this thing configure on iis, but how to do this in azure?
546
The setting that you are talking about connectionTimeout needs to be set in the applicationhost.config file. This file is not found as part of your project, but is part of your azure website. If you want to view the configuration settings in this file you can go to the kudo service for your site which can be accessed by following the directions here: https://github.com/projectkudu/kudu/wiki/Accessing-the-kudu-service
To get to the location of the file go to the cmd console, click on the globe icon and it should be in the the Configure folder. That is how you view the current settings. To actually change the settings you need to create an xdt transform file and drop it into your site root and restart the site. This can be done using ftp (the ftp host url can be found in the azure portal for you site).
You are also going to want to configure your <\webLimits> as well to help prevent a slow post attack.
124
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
