5.5 Ensure per-account connection limits are used

Information

Limiting concurrent connections to a PostgreSQL server can be used to reduce the risk of Denial of Service (DoS) attacks.

Rationale:

Limiting the number of concurrent sessions at the user level helps to reduce the risk of DoS attacks.

Solution

Set a per-user connection limit by running:

ALTER USER <dbuser> CONNECTION LIMIT <reasonable concurrent connection count>;
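
An audit-and-remediate sequence for this check, as an added example that is not part of the benchmark text. The role name app_user and the limit of 20 are hypothetical; choose a limit from the observed session counts for each role.

```sql
-- Added example; app_user and the value 20 are assumptions, not benchmark values.

-- 1. Audit: login-capable roles still at the default of -1 (no limit).
SELECT rolname, rolsuper, rolconnlimit
FROM pg_roles
WHERE rolcanlogin
  AND rolconnlimit = -1
ORDER BY rolname;

-- 2. Size the limit: compare each role's configured limit with the
--    number of client sessions it holds right now.
SELECT r.rolname,
       r.rolconnlimit,
       count(a.pid) AS current_sessions
FROM pg_roles AS r
LEFT JOIN pg_stat_activity AS a
       ON a.usename = r.rolname
      AND a.backend_type = 'client backend'
WHERE r.rolcanlogin
GROUP BY r.rolname, r.rolconnlimit
ORDER BY current_sessions DESC, r.rolname;

-- 3. Remediate: apply the limit to one role (hypothetical name and value).
ALTER USER app_user CONNECTION LIMIT 20;

-- 4. Verify: the role should no longer report -1.
SELECT rolname, rolconnlimit
FROM pg_roles
WHERE rolname = 'app_user';
```

Run step 2 during peak load so the chosen limit does not cut off legitimate sessions from connection pools.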

Default Value:

-1

See Also

https://workbench.cisecurity.org/benchmarks/17004

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-10

Plugin: PostgreSQLDB

Control ID: 248604bfe636f7d3c454d97e37aa05956ea764b5b193508a331e343fb7d2739b