Hi,
I have recently started using GeoServer 2.11.
As part of my organisation's requirements I ran a security scan on the
server and found it open to a Slow HTTP Denial of Service attack.
I tried using the DoS filter for Jetty as below in webapps/geoserver/web.xml;
however, the issue still persists and I could not find any other way to
mitigate this risk on GeoServer.
I request your help on this ASAP, as my urgent release is on hold
until this risk is fixed.
<filter>
  <filter-name>DoSFilter</filter-name>
  <filter-class>org.eclipse.jetty.servlets.DoSFilter</filter-class>
  <!-- Each init-param element holds exactly one param-name/param-value pair -->
  <init-param>
    <param-name>maxRequestsPerSec</param-name>
    <param-value>30</param-value>
  </init-param>
  <init-param>
    <param-name>delayMs</param-name>
    <param-value>0</param-value>
  </init-param>
  <init-param>
    <param-name>maxRequestMs</param-name>
    <param-value>10000</param-value>
  </init-param>
  <init-param>
    <param-name>maxIdleTrackerMs</param-name>
    <param-value>10000</param-value>
  </init-param>
  <async-supported>true</async-supported>
</filter>
<!-- Apply the filter to every request path -->
<filter-mapping>
  <filter-name>DoSFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
Regards
Himani Aggarwal
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users