Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35434 | SRG-APP-000245-AS-000163 | SV-46721r1_rule | Medium |
| Description |
|---|
| Employing increased capacity and bandwidth combined with service redundancy can reduce the susceptibility to some DoS attacks. When utilizing an application server in a high risk environment (such as a DMZ), the amount of access to the system from various sources usually increases as does the system's risk of becoming more susceptible to DoS attacks. The application server must be able to be configured to withstand or minimize the risk of DoS attacks. This can be partially achieved if the AS provides configuration options that limit the number of allowed concurrent HTTP connections. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43788r1_chk ) |
|---|
| Review AS documentation and configuration to determine if the AS can be configured to limit the number of concurrent connections. If the AS cannot be configured to limit the number of concurrent HTTP connections, this is a finding. |
| Fix Text (F-39978r2_fix) |
|---|
| Configure the AS to limit the number of concurrent HTTP sessions. |