Limiting Requests Globally

Software AG Products 10.5 | Administering Integration Server | Configuring webMethods Enterprise Gateway | Preventing Denial of Service Attacks | Limiting Requests Globally

Use this procedure to limit the total number of requests Enterprise Gateway Server will accept and the number it will process concurrently. When you select the global option, the server considers all incoming requests, regardless of originating IP address. If you have configured a list of trusted IP addresses, requests from those IP addresses are not counted toward the request limit. When the number of requests exceeds the configured limit, the server blocks all requests at all Enterprise Gateway external ports for a period of time you specify. However, Enterprise Gateway Server will continue to accept requests from trusted IP addresses even after the configured limit is reached.

If you want to limit the number of requests Enterprise Gateway Server will accept from individual IP addresses, see Limiting Requests by IP Address.

If you specify both the global and IP address options, Enterprise Gateway Server performs the global processing first.

To limit requests globally

1. Open Integration Server Administrator on the Integration Server acting as the Enterprise Gateway Server.

2. In the Navigation panel, select Security > Enterprise Gateway Rules.

3. In the Navigation panel on the Enterprise Gateway Rules screen, click Denial of Service Options and then click Configure Global Denial of Service.

4. Select the Enable check box.

5. In the Maximum Requests box, enter the maximum number of requests you want Enterprise Gateway Server to accept in a given time interval. Then, enter the time interval, in seconds.

6. In the Maximum Requests in Progress box, enter the maximum number of requests that can be in progress at the same time.

7. In the Block Interval box, enter the number of minutes Enterprise Gateway Server is to block requests on every Enterprise Gateway external port.

8. In the Error Message box, enter a custom message to send to the client, if desired, when a request is denied.

9. In the Trusted IP Address Range box, enter the trusted IPv4 or IPv6 addresses so that requests from these IP addresses are always allowed. You can specify multiple IP addresses or IP address ranges separated by commas (,). For more information about trusted IP address ranges, see About Trusted IP Addresses.

10. Click Save Changes.