diff --git a/activityPub.go b/activityPub.go
index 95b29fa..5ff56ca 100644
--- a/activityPub.go
+++ b/activityPub.go
@@ -8,6 +8,7 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
+	"io"
 	"log"
 	"net/http"
 	"net/url"
@@ -260,17 +261,19 @@ func apGetRemoteActor(iri string) (*asPerson, int, error) {
 	}
 	req.Header.Set("Accept", contentTypeAS)
 	req.Header.Set(userAgent, appUserAgent)
-	resp, err := http.DefaultClient.Do(req)
+	resp, err := appHttpClient.Do(req)
 	if err != nil {
 		return nil, 0, err
 	}
+	defer resp.Body.Close()
 	if !apRequestIsSuccess(resp.StatusCode) {
+		_, _ = io.Copy(io.Discard, resp.Body)
 		return nil, resp.StatusCode, nil
 	}
 	actor := &asPerson{}
 	err = json.NewDecoder(resp.Body).Decode(actor)
-	defer resp.Body.Close()
 	if err != nil {
+		_, _ = io.Copy(io.Discard, resp.Body)
 		return nil, 0, err
 	}
 	return actor, 0, nil
diff --git a/activityPubSending.go b/activityPubSending.go
index 74ee9cc..f152fa7 100644
--- a/activityPubSending.go
+++ b/activityPubSending.go
@@ -124,14 +124,16 @@ func apSendSigned(blogIri, to string, activity []byte) error {
 		return err
 	}
 	// Do request
-	resp, err := http.DefaultClient.Do(r)
+	resp, err := appHttpClient.Do(r)
 	if err != nil {
 		return err
 	}
+	defer resp.Body.Close()
 	if !apRequestIsSuccess(resp.StatusCode) {
 		body, _ := io.ReadAll(resp.Body)
-		_ = resp.Body.Close()
 		return fmt.Errorf("signed request failed with status %d: %s", resp.StatusCode, string(body))
+	} else {
+		_, _ = io.Copy(io.Discard, resp.Body)
 	}
 	return nil
 }
diff --git a/http.go b/http.go
index 492166a..3131b40 100644
--- a/http.go
+++ b/http.go
@@ -9,6 +9,7 @@ import (
 	"strconv"
 	"strings"
 	"sync"
+	"time"
 
 	"github.com/caddyserver/certmagic"
 	"github.com/dchest/captcha"
@@ -86,7 +87,13 @@ func startServer() (err error) {
 		}
 		err = certmagic.HTTPS(hosts, finalHandler)
 	} else {
-		err = http.ListenAndServe(localAddress, finalHandler)
+		s := &http.Server{
+			Addr:         localAddress,
+			Handler:      finalHandler,
+			ReadTimeout:  5 * time.Minute,
+			WriteTimeout: 5 * time.Minute,
+		}
+		err = s.ListenAndServe()
 	}
 	return
 }
diff --git a/httpClient.go b/httpClient.go
new file mode 100644
index 0000000..e275587
--- /dev/null
+++ b/httpClient.go
@@ -0,0 +1,13 @@
+package main
+
+import (
+	"net/http"
+	"time"
+)
+
+var appHttpClient = &http.Client{
+	Timeout: 5 * time.Minute,
+	Transport: &http.Transport{
+		DisableKeepAlives: true,
+	},
+}
diff --git a/micropubMedia.go b/micropubMedia.go
index cf5132e..5c534e5 100644
--- a/micropubMedia.go
+++ b/micropubMedia.go
@@ -116,8 +116,13 @@ func uploadToBunny(filename string, f io.Reader, config *configMicropubMedia) (l
 	}
 	req, _ := http.NewRequest(http.MethodPut, fmt.Sprintf("https://storage.bunnycdn.com/%s/%s", url.PathEscape(config.BunnyStorageName), url.PathEscape(filename)), f)
 	req.Header.Add("AccessKey", config.BunnyStorageKey)
-	resp, err := http.DefaultClient.Do(req)
-	if err != nil || resp.StatusCode != http.StatusCreated {
+	resp, err := appHttpClient.Do(req)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+	_, _ = io.Copy(io.Discard, resp.Body)
+	if resp.StatusCode != http.StatusCreated {
 		return "", errors.New("failed to upload file to BunnyCDN")
 	}
 	return config.MediaURL + "/" + filename, nil
@@ -191,22 +196,26 @@ func shortPixel(url string, config *configMicropubMedia) (location string, err e
 	if err != nil {
 		return "", err
 	}
-	resp, err := http.DefaultClient.Do(req)
+	resp, err := appHttpClient.Do(req)
 	if err != nil {
 		return "", err
-	} else if resp.StatusCode != http.StatusOK {
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusOK {
+		_, _ = io.Copy(io.Discard, resp.Body)
 		return "", fmt.Errorf("failed to compress image, status code %d", resp.StatusCode)
 	}
 	tmpFile, err := os.CreateTemp("", "tiny-*."+fileExtension)
 	if err != nil {
+		_, _ = io.Copy(io.Discard, resp.Body)
 		return "", err
 	}
 	defer func() {
-		_ = resp.Body.Close()
 		_ = tmpFile.Close()
 		_ = os.Remove(tmpFile.Name())
 	}()
 	if _, err = io.Copy(tmpFile, resp.Body); err != nil {
+		_, _ = io.Copy(io.Discard, resp.Body)
 		return "", err
 	}
 	fileName, err := getSHA256(tmpFile)
diff --git a/telegram.go b/telegram.go
index 302688c..ab6665b 100644
--- a/telegram.go
+++ b/telegram.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
+	"io"
 	"log"
 	"net/http"
 	"net/url"
@@ -66,10 +67,13 @@ func sendTelegramMessage(message, mode, token, chat string) error {
 	}
 	tgURL.RawQuery = params.Encode()
 	req, _ := http.NewRequest(http.MethodPost, tgURL.String(), nil)
-	resp, err := http.DefaultClient.Do(req)
+	resp, err := appHttpClient.Do(req)
 	if err != nil {
 		return err
-	} else if resp.StatusCode != http.StatusOK {
+	}
+	defer resp.Body.Close()
+	_, _ = io.Copy(io.Discard, resp.Body)
+	if resp.StatusCode != http.StatusOK {
 		return fmt.Errorf("failed to send Telegram message, status code %d", resp.StatusCode)
 	}
 	return nil
diff --git a/tor.go b/tor.go
index b50ed76..07d5e0a 100644
--- a/tor.go
+++ b/tor.go
@@ -77,5 +77,10 @@ func startOnionService(h http.Handler) error {
 	torAddress = onion.String()
 	log.Println("Onion service published on http://" + torAddress)
 	// Serve handler
-	return http.Serve(onion, h)
+	s := &http.Server{
+		Handler:      h,
+		ReadTimeout:  5 * time.Minute,
+		WriteTimeout: 5 * time.Minute,
+	}
+	return s.Serve(onion)
 }
diff --git a/webmentionSending.go b/webmentionSending.go
index 8a0d616..e1fd67e 100644
--- a/webmentionSending.go
+++ b/webmentionSending.go
@@ -62,10 +62,12 @@ func sendWebmention(endpoint, source, target string) (*http.Response, error) {
 	}
 	req.Header.Set(contentType, contentTypeWWWForm)
 	req.Header.Set(userAgent, appUserAgent)
-	res, err := http.DefaultClient.Do(req)
+	res, err := appHttpClient.Do(req)
 	if err != nil {
 		return res, err
 	}
+	defer res.Body.Close()
+	_, _ = io.Copy(io.Discard, res.Body)
 	if code := res.StatusCode; code < 200 || 300 <= code {
 		return res, fmt.Errorf("response error: %v", res.StatusCode)
 	}
@@ -79,16 +81,18 @@ func discoverEndpoint(urlStr string) string {
 			return ""
 		}
 		req.Header.Set(userAgent, appUserAgent)
-		resp, err := http.DefaultClient.Do(req)
+		resp, err := appHttpClient.Do(req)
 		if err != nil {
 			return ""
 		}
+		defer resp.Body.Close()
 		if code := resp.StatusCode; code < 200 || 300 <= code {
+			_, _ = io.Copy(io.Discard, resp.Body)
 			return ""
 		}
-		defer resp.Body.Close()
 		endpoint, err := extractEndpoint(resp)
 		if err != nil || endpoint == "" {
+			_, _ = io.Copy(io.Discard, resp.Body)
 			return ""
 		}
 		if urls, err := resolveURLReferences(urlStr, endpoint); err == nil && len(urls) > 0 && urls[0] != "" {
diff --git a/webmentionVerification.go b/webmentionVerification.go
index 37fd8a0..6f38473 100644
--- a/webmentionVerification.go
+++ b/webmentionVerification.go
@@ -79,7 +79,7 @@ func (m *mention) verifyMention() error {
 		c, _ := createTokenCookie()
 		req.AddCookie(c)
 	}
-	resp, err := http.DefaultClient.Do(req)
+	resp, err := appHttpClient.Do(req)
 	if err != nil {
 		return err
 	}