Detections
Analytics
WG110 A22 - The number of allowed simultaneous requests must be set.
Information
Resource exhaustion can occur when an unlimited number of concurrent requests are allowed on a web site, facilitating a denial of service attack. Mitigating this kind of attack will include limiting the number of concurrent HTTP/HTTPS requests per IP address and may include, where feasible, limiting parameter values associated with keepalive, (i.e., a parameter used to limit the amount of time a connection may be inactive).Solution
Edit the httpd.conf file and set the MaxKeepAliveRequests directive to 100 or greater.See Also
https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_UNIX_V1R11_STIG.zip
Item Details
Audit Name: DISA STIG Apache Site 2.2 Unix v1r11 Middleware
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-6, CAT|II, Rule-ID|SV-33018r1_rule, STIG-ID|WG110_A22, Vuln-ID|V-2240
Plugin: Unix
Control ID: 6b50ae1940c70d4f8c4908fca62afed5462328074bb3be2f7e9861ad49b08766