Integration Server 10.3 | Integration Server Administrator's Guide | Configuring webMethods Enterprise Gateway | Preventing Denial of Service Attacks | Limiting Requests by IP Address
 
Limiting Requests by IP Address
Use this procedure to limit the number of requests Enterprise Gateway Server will accept, or process concurrently, from any single IP address.
If the number of requests from an IP address exceeds the configured limit, Enterprise Gateway Server blocks requests from that IP address at all Enterprise Gateway external ports permanently, or for a period of time you specify. However, Enterprise Gateway Server will continue to accept requests from trusted IP addresses even after the configured limit is reached.
If you want to limit the total number of requests Enterprise Gateway Server will accept, regardless of IP address, see Limiting Requests Globally.
If you specify both global and IP address options, Enterprise Gateway Server performs the global processing first.
*To limit requests by IP address
1. Open Integration Server Administrator on the Integration Server acting as the Enterprise Gateway Server.
2. In the Navigation panel, select Security > Enterprise Gateway Rules.
3. In the Navigation panel on the Enterprise Gateway Rules screen, click Denial of Service Options and then click Configure Denial of Service by IP Address.
4. Select the Enable check box.
5. In the Maximum Requests box, enter the maximum number of requests that Enterprise Gateway Server can accept from a specific IP address in a given time interval. Then, enter the time interval, in seconds.
6. In the Maximum Requests in Progress box, enter the maximum number of requests that Enterprise Gateway Server can process concurrently from any single IP address.
7. In the When Limit Exceeds box, specify an action to take when the number of requests from a non-trusted IP address exceeds the specified limits.
*To permanently deny future requests from the IP address, select Add to Deny List. Enterprise Gateway Server adds the IP address to the Enterprise Gateway deny list. As a result, requests from this IP address will be denied at every Enterprise Gateway external port. The IP address remains in the deny list until an administrator deletes it from the list.
Note:
The Enterprise Gateway deny list takes precedence over the port-level allow/deny list for the Enterprise Gateway external port.
*To temporarily block requests from this IP address, select Block. In the Block Interval box, specify the number of minutes you want requests to be blocked. To block requests, Enterprise Gateway Server adds the IP address to the Enterprise Gateway deny list. As a result, the server denies requests from this IP address on every Enterprise Gateway external port for the configured time period.
8. In the Error Message box, enter a custom message to send to the client, if desired, when a request is denied.
9. In the Trusted IP Address Range box, enter IP addresses or range of trusted IPv4 or IPv6 addresses so that requests from these IP addresses are always allowed. You can specify multiple IP addresses or IP address ranges separated by commas (,). For more information about specifying trusted IP addresses, see About Trusted IP Addresses.
10. Click Save Changes.