5.5 Ensure per-account connection limits are used

Information

Limiting concurrent connections to a PostgreSQL server can be used to reduce the risk of Denial of Service (DoS) attacks.

Rationale:

Limiting the number of concurrent sessions at the user level helps to reduce the risk of DoS attacks.

Solution

Set a per-user connection limit by running:

ALTER USER <dbuser> CONNECTION LIMIT <reasonable concurrent connection count>;
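
The following audit-then-remediate sequence is an added example, not part of the benchmark text. It lists login-capable roles that still have the default limit of -1 alongside their current session counts, then sets a limit. The role name app_user and the value 20 are hypothetical.

```sql
-- Added example (PostgreSQL 10 or later, for pg_stat_activity.backend_type).

-- 1. Audit: every role that can log in, its configured limit, and how many
--    client sessions it holds right now. The session count helps pick a
--    limit that will not cut off legitimate load.
SELECT r.rolname,
       r.rolsuper,
       r.rolconnlimit,
       count(a.pid) AS current_sessions,
       CASE
           -- PostgreSQL does not enforce the per-role limit for superusers.
           WHEN r.rolsuper          THEN 'superuser: limit not enforced'
           WHEN r.rolconnlimit = -1 THEN 'FAIL: no limit set'
           ELSE 'ok'
       END AS finding
FROM pg_roles r
LEFT JOIN pg_stat_activity a
       ON a.usename = r.rolname
      AND a.backend_type = 'client backend'   -- ignore background workers
WHERE r.rolcanlogin
GROUP BY r.rolname, r.rolsuper, r.rolconnlimit
ORDER BY finding, r.rolname;

-- 2. Remediate one role and confirm the stored value.
--    app_user and 20 are hypothetical; size the limit from step 1 plus
--    headroom for the application's connection pool.
BEGIN;
ALTER USER app_user CONNECTION LIMIT 20;
SELECT rolname, rolconnlimit
FROM pg_roles
WHERE rolname = 'app_user';
COMMIT;

-- Once the limit is reached, further logins for that role are rejected with:
--   FATAL:  too many connections for role "app_user"
-- Existing sessions are not terminated by lowering the limit.
```

Because superuser roles bypass the limit, applications should connect with non-superuser roles for the control to have any effect.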

Default Value:

-1

See Also

https://workbench.cisecurity.org/benchmarks/17003

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-10

Plugin: PostgreSQLDB

Control ID: 87b5341f5a814039d89403a65e7574fa442763fbbe2b76849e1947c94f8e92d9