cacari.co

Case Study K — Slowloris Protection on Kubernetes, Istio, and Apache Servers

In this case study, I explore how to build and secure a modern web infrastructure using Kubernetes, Istio, and Apache HTTP Server — with a special focus on mitigating the classic but still relevant Slowloris attack.

What’s the Problem?

Apache is a powerful and widely-used web server, but out of the box, it can be vulnerable to certain types of denial-of-service attacks. One of the most well-known is the Slowloris attack, which works by opening many connections to the server and keeping them alive by sending tiny amounts of data very slowly. Eventually, all the server’s connection slots are taken up, making it unresponsive to real users — all without triggering bandwidth alarms.

What This Case Study Does

This project automates the setup of a secure and scalable web environment by:

  • Provisioning infrastructure with Vagrant
  • Installing and configuring Apache with Ansible
  • Setting up Apache as a reverse proxy to forward traffic into a Kubernetes cluster
  • Deploying web applications with Helm charts
  • Managing routing and observability with Istio

But most importantly, it includes a hardened Apache configuration to defend against Slowloris. This is done by tuning timeouts and disabling KeepAlive to close suspicious slow connections early.

Why It Matters

While modern infrastructure can be powerful, it’s only as strong as its weakest default. This case study shows how infrastructure as code, security best practices, and cloud-native tools can work together to build not just scalable services — but resilient ones.

You can check the files for this case study at https://github.com/cacarico/case-study-k.
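To make the timeout and KeepAlive hardening described above checkable, here is an added example (not code from the repository) that audits an Apache configuration for the settings that let slow connections hold worker slots. Both sample configs, the 15-second ceiling, and the use of mod_reqtimeout's `RequestReadTimeout` are assumptions; the page itself only names timeouts and KeepAlive.

```python
# Added example: the config text and thresholds below are constructed assumptions.
DEFAULT_CONF = """\
Timeout 60
KeepAlive On
KeepAliveTimeout 5
"""

HARDENED_CONF = """\
# Give up on stalled connections quickly and do not hold idle ones open
Timeout 10
KeepAlive Off
<IfModule reqtimeout_module>
    RequestReadTimeout header=10-20,MinRate=500 body=10,MinRate=500
</IfModule>
"""

MAX_TIMEOUT = 15  # assumed policy ceiling, in seconds


def parse_directives(text):
    """Map lower-cased directive name -> last value seen.

    Comments and <Section> tags are skipped, so a directive inside
    <IfModule> counts as set even if that module is not loaded.
    """
    found = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0][0] in "#<":
            continue
        found[parts[0].lower()] = parts[1] if len(parts) > 1 else ""
    return found


def audit(text):
    """Return the directives that leave slow connections holding worker slots."""
    conf = parse_directives(text)
    findings = []
    # Apache 2.4 defaults when unset: Timeout 60, KeepAlive On
    if int(conf.get("timeout", "60")) > MAX_TIMEOUT:
        findings.append("Timeout")
    if conf.get("keepalive", "On").lower() != "off":
        findings.append("KeepAlive")
    # mod_reqtimeout bounds how long headers and body may take to arrive
    if "requestreadtimeout" not in conf:
        findings.append("RequestReadTimeout")
    return findings


if __name__ == "__main__":
    for name, conf in (("default", DEFAULT_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf) or "ok")
```

Running the same check in CI against the Ansible-rendered configuration would catch a regression to the defaults before it reaches the reverse proxy.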