From Oracle HTTP Server 12.1.3 Security Technical Implementation Guide
Part of SRG-APP-000435-WSR-000148
Associated with: CCI-002385
A Denial of Service (DoS) can occur when the web server is so overwhelmed that it can no longer respond to additional requests. A web server not properly tuned may become overwhelmed and cause a DoS condition even with expected traffic from users. To avoid a DoS, the web server must be tuned to handle the expected traffic for the hosted applications.
1. Check to see if the following directives have been set appropriately for the server and application: MaxClients MPM Module -worker (StartServers, MinSpareThreads, MaxSpareThreads, ThreadsPerChild) Timeout KeepAlive KeepAliveTimeout MaxKeepAliveRequests ListenBacklog LimitRequestBody LimitRequestFields LimitRequestFieldSize LimitRequestLine LimitXMLRequestBody LimitInternalRecursion 2. If the above directives have not been set to address the specific needs of the web server and applications, this is a finding.
Set the following directives appropriately for the server and application: MaxClients MPM Module -worker (StartServers, MinSpareThreads, MaxSpareThreads, ThreadsPerChild) Timeout KeepAlive KeepAliveTimeout MaxKeepAliveRequests ListenBacklog LimitRequestBody LimitRequestFields LimitRequestFieldSize LimitRequestLine LimitXMLRequestBody LimitInternalRecursion
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer