10.10 Configure connectionTimeout

Information

The connectionTimeout setting allows Tomcat to close idle sockets after a specific amount of time to save system resources. Closing idle sockets reduces system resource usage thus can provide better performance and help protect against Denial of Service attacks.

Solution

Within $CATALINA_HOME/conf/server.xml ensure each connector is configured to the connectionTimeout setting that is optimal based on hardware resources, load, and number of concurrent connections.

See Also

https://workbench.cisecurity.org/files/266

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-12

Plugin: Unix

Control ID: dbb69d0a8e7ef33e253e12591f89fce5e5dfd800a9635fe90cf402b0093254e0