When should I use this reqtimeout.conf?
Use it to restore a missing default, confirm what shipped, or diff against your current Apache HTTP Server config.
# mod_reqtimeout limits the time waiting on the client to prevent an # attacker from causing a denial of service by opening many connections # but not sending requests. This file tries to give a sensible default # configuration, but it may be necessary to tune the timeout values to # the actual situation. Note that it is also possible to configure # mod_reqtimeout per virtual host. # Wait max 20 seconds for the first byte of the request line+headers # From then, require a minimum data rate of 500 bytes/s, but don't # wait longer than 40 seconds in total. # Note: Lower timeouts may make sense on non-ssl virtual hosts but can # cause problem with ssl enabled virtual hosts: This timeout includes # the time a browser may need to fetch the CRL for the certificate. If # the CRL server is not reachable, it may take more than 10 seconds # until the browser gives up. RequestReadTimeout header=20-40,minrate=500 # Wait max 10 seconds for the first byte of the request body (if any) # From then, require a minimum data rate of 500 bytes/s RequestReadTimeout body=10,minrate=500
curl https://exampleconfig.com/api/v1/config/original/30ef0f5bd709e44eeee85e9f847000c0?hint=reqtimeout.conf
wget -O reqtimeout.conf https://exampleconfig.com/api/v1/config/original/30ef0f5bd709e44eeee85e9f847000c0?hint=reqtimeout.conf
<prompt><role>DevOps agent</role><source url='https://exampleconfig.com/api/v1/config/original/30ef0f5bd709e44eeee85e9f847000c0?hint=reqtimeout.conf' /><config><app>Apache HTTP Server</app><os>Ubuntu 24.04 LTS (Noble Numbat)</os><location>/etc/apache2/mods-available/reqtimeout.conf</location><lines>21</lines><md5>30ef0f5bd709e44eeee85e9f847000c0</md5><sha256>1a524eed41c0c58ac98627676e23f784099163f02fe8d8d53c91969d59152b41</sha256></config></prompt>
Paste into Claude, ChatGPT, or any AI assistant.
sudo apk add apache2
sudo apt update && sudo apt install apache2
sudo yum install httpd
sudo apt update && sudo apt install apache2
When should I use this reqtimeout.conf?
Use it to restore a missing default, confirm what shipped, or diff against your current Apache HTTP Server config.
How do I restore Apache HTTP Server defaults?
Download the file, back up the current one in /etc/apache2/mods-available/reqtimeout.conf, replace it, then reload or restart Apache HTTP Server.
Is reqtimeout.conf safe for production?
It is the vendor default for Ubuntu 24.04 LTS (Noble Numbat). Treat it as a baseline and review security and performance settings before production use.
How does this differ from other OS versions?
Defaults vary by distro and version. This copy matches Ubuntu 24.04 LTS (Noble Numbat).
Can I use this for Apache HTTP Server troubleshooting?
Yes. Diff it against yours to find drift, then restore only the sections you need.