UCF STIG Viewer Logo

The number of allowed simultaneous requests must be set.


Overview

Finding ID Version Rule ID IA Controls Severity
V-2240 WG110 W22 SV-33105r1_rule ECSC-1 Medium
Description
Resource exhaustion can occur when an unlimited number of concurrent requests are allowed on a web site, facilitating a denial of service attack. Mitigating this kind of attack will include limiting the number of concurrent HTTP/HTTPS requests per IP address and may include, where feasible, limiting parameter values associated with keepalive, (i.e., a parameter used to limit the amount of time a connection may be inactive).
STIG Date
APACHE SITE 2.2 for Windows 2013-12-19

Details

Check Text ( C-33766r1_chk )
Locate the Apache httpd.conf file.

If unable to locate the file, perform a search of the system to find the location of the file.

Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: MaxKeepAliveRequests

Every enabled MaxKeepAliveRequests value needs to be 100 or greater. If any directive is less than 100, this is a finding.
Fix Text (F-29403r1_fix)
Set the MaxKeepAliveRequests directive to 100 or greater.