Apache: Short Lingering Close

[studersi]

Looking through the source code of mod_reqtimeout, I saw that it uses the short-lingering-close request note to considerably shorten the potential duration of a lingering connection close:
https://github.com/apache/httpd/blob/trunk/modules/filters/mod_reqtimeout.c#L329-L335

I did not see this note being used in ModSecurity, though I'm not sure whether this is even applicable for ModSecurity or whether ModSecurity foregoes the lingering close completely.

[marcstern]

That mechanism is used to oblige the client to read the answer quicker than normal.
I don't see any reason to do that in ModSecurity, except maybe in hook_connection_early() when the client has too many open connections?

Additional question: Is this behaviour (SecConnReadStateLimit/SecConnWriteStateLimit) still useful?

1. Many ISP (especially mobile) use Carrier NAT, so many users are using the same IP => blocking genuine users
2. How does it interact with HTTP/2? You can have many requests in parallel in a single connection => limit not effective

[airween]

@studersi, @marcstern is there any conclusions here?

[marcstern]

I unfortunately have no more info than in my last remark: I don't see any reason to do that in ModSecurity, except maybe in hook_connection_early() when the client has too many open connections?