The reason why is that the guys and gals working on Apache Server, decided that when a new connection comes, it will be served by a new thread.
That's a rather unfair statement. When Apache HTTPD was first created, in 1995, epoll() did not exist on sockets.
The MPM event module exists for quite a while now (2012), and it does not have a major issue with slowloris. But just like with the other non-prefork MPMs, not all Apache modules are safe to be used with the event MPM. Most notably mod_php was not thread safe.
PowerFactors dev by day, gamer by night. Battling impostor syndrome and writing clean energy code (and useless side projects) fueled by pure insanity since 2008.
That's a rather unfair statement. When Apache HTTPD was first created, in 1995, epoll() did not exist on sockets.
The MPM event module exists for quite a while now (2012), and it does not have a major issue with slowloris. But just like with the other non-prefork MPMs, not all Apache modules are safe to be used with the event MPM. Most notably mod_php was not thread safe.
Truth is that I was not trying to point fingers at Apache for bad desing or whatever.
The real point is that a design choice made in 1995, became an attack vector 14 years later ☺