WG110 W22 - The number of allowed simultaneous requests must be set.

Information

Resource exhaustion can occur when an unlimited number of concurrent requests are allowed on a web site, facilitating a denial of service attack. Mitigating this kind of attack will include limiting the number of concurrent HTTP/HTTPS requests per IP address and may include, where feasible, limiting parameter values associated with keepalive, (i.e., a parameter used to limit the amount of time a connection may be inactive).

Solution

Set the MaxKeepAliveRequests directive to 100 or greater.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_WIN_V1R13_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-5, CAT|II, Rule-ID|SV-33105r2_rule, STIG-ID|WG110_W22, Vuln-ID|V-2240

Plugin: Windows

Control ID: 625ad735ac5b7f0961236bcf0800d09a3a2459d3cce75322af59c984020751c2