[jboss-jira] [JBoss JIRA] (WFLY-3797) Need post-timeout for WildFly / Undertow
Stuart Douglas (JIRA)
issues at jboss.org
Sun Aug 31 22:24:59 EDT 2014
[ https://issues.jboss.org/browse/WFLY-3797?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12997263#comment-12997263 ]
Stuart Douglas commented on WFLY-3797:
--------------------------------------
Undertow supports an IDLE_TIMEOUT setting that will act the same as the weblogic feature, however I don't know how useful it is at preventing a DOS, as it does not take into account the amount of data that the remote endpoint is sending (e.g. the remote endpoint could sent one byte every 20 seconds, and this will defeat the timeout).
An alternative approach is to provide a minimum data rate, and drop connections that fall below this limit. This will be addressed before WF 9, but I am still thinking about the best way to approach this.
> Need post-timeout for WildFly / Undertow
> ----------------------------------------
>
> Key: WFLY-3797
> URL: https://issues.jboss.org/browse/WFLY-3797
> Project: WildFly
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Web (Undertow)
> Affects Versions: 8.1.0.Final
> Reporter: Lyle Wang
> Assignee: Stuart Douglas
>
> Is that possible to provide post timeout to prevent DoS ? JBoss AS 7 or WildFly has no such feature/option, but weblogic provides this:
> http://docs.oracle.com/cd/E17904_01/web.1111/e13701/web_server.htm#i1059782
> Currently only "max-post-size" is supported:
> https://docs.jboss.org/author/display/WFLY8/Undertow+%28web%29+subsystem+configuration
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jboss-jira
mailing list