Configure DoS protection->Check delay
I'm wondering the significance of this setting. Can someone explain this setting in greater detail?
Is there a significant impact on the server/resources if we reduce the delay?
What ports are checked?
Since nearly all DOS attacks we see on common webpages trigger mod_security rules anyway how is an identified DOS attack handled any differently, if at all?
Does decreasing the "Check delay" catch more attacks but increase the likelihood of false positives?