Highlighted
Regular Contributor.. Regular Contributor..
Regular Contributor..
191 views

(SM) Support Tip: New parameter for 9.5 to avoid DoS attacks

Recently a new web parameter was introduced on the SM 9.5X and versions going forward, with the purpose of avoiding DoS attacks to the web server.

The web parameter is maxRequestPerSecond, currently what it will do is to delimite the amount of requests that are allowed per second for one user session.

The default value for this web parameter is 50, which mean that the web client will allow 50 or less requests per second from the same user, if this request tent to go over 50, the web client will automatically disconnect the user to prevent the DoS attack

The parameter should look like this on the web.xml

<context-param>

  <param-name>maxRequestPerSecond</param-name>

  <param-value>-1</param-value>
</context-param>

If you wish to increase the value can do it to any number, also for unlimited requets you can set it to 0 or -1, this will allow unlimited request for one user

 

Labels (1)
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.