Sun Java System Web Server 7.0 Update 1 Administrator's Guide

Limiting Requests to The Server

You can now tweak the server to prevent Denial-Of-Service attacks by configuring request limits and monitoring maximum number of connections per virtual server. Configuring some of these values may affect the Server's performance.

For configuring request limits for the server, click Configuration > Virtual Servers > Server Settings > Request Limits. Configure the parameters listed in the following table.

Table 7–4 Configuring Request Limit



Request Limits

Enable/Disable request limits for this virtual server. Request limits option is disabled by default. 

Maximum Connections

Maximum number of concurrent connections allowed for this virtual server. 

Maximum RPS

Maximum number of requests allowed from a client per second. 

RPS Compute Interval

The time interval in which the average request per second (RPS) is calculated. Default values is 30 seconds. 

Continue Condition

Determines what condition must be met in order for a blocked request type to become available again for servicing. 

silence — Refused requests must fall to zero (over a subsequent interval) for service to resume.

threshold — Refused request rate must fall below RPS threshold for service to resume.

The default values is threshold. 

Error Code

The HTTP status code to use for blocked requests. The default code is HTTP 503 — Service Unavailable. 

Monitor Attribute

An optional request attribute to monitor. 

Note –

Using CLI

To limit the requests to the server through CLI, execute the following command.

wadm> enable-request-limits --user=admin --password-file=admin.pwd 
--host=serverhost --port=8989 --config=config1 --vs=config1_vs_1

See CLI Reference, enable-request-limits(1).