Last Updated on August 26, 2011 EDT by Jordan
There is a bug in certain versions of Apache that is susceptible to a dDoS using malformed GET requests. You can find more information about “killapache” at the following site.
http://www.pentestit.com/2011/08/25/killapache-ddos-tool-freezes-apache-web-server/
There is no patch, however their is a work around for this bug which is provided below. In Ubuntu or Debian create a new file “/etc/apache2/conf.d/killapache-fix” and place the following code
# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range
# optional logging.
CustomLog logs/range-CVE-2011-3192.log common env=bad-range
You may need to install the “headers” module, which can be done by typing “a2enmod headers” and then you should be able to reload apache without errors.