HTTP requests must be fully received within 30 seconds, otherwise the connection will be forcibly terminated.

Optionally, a client that takes longer than 30 seconds to send a request can be automatically added to a denylist. See Client Denylisting for more information.