10.10 Configure connectionTimeout

Information

The connectionTimeout setting allows Tomcat to close idle sockets after a specific amount of time to save system resources. Closing idle sockets reduces system resource usage thus can provide better performance and help protect against Denial of Service attacks.

Solution

Within $CATALINA_HOME/conf/server.xml ensure each connector is configured to the connectionTimeout setting that is optimal based on hardware resources, load, and number of concurrent connections.

See Also

https://workbench.cisecurity.org/files/266

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-12

Plugin: Unix

Control ID: afd10237b0ff4c937f789f84150a59fe3700c62caad619c38efcc9df042fd902