75
AAD (Automatic Attack Detection)
The Automatic Attach Detection (AAD) security feature controls how many concurrent open TCP
connections from a single source IP address is allowed to connect.
TCP Connection Attack Threshold
This will set the maximum number of concurrent connections a client can make before the
WebMux will consider it an attack. You do not want to set this value too low because most
of the time, servers will experience several concurrent connections during normal
operations. Usually a DoS or DDoS connection attack comes in by the hundreds. Set this
value according to your needs.
Client Whitelist for TCP Attacks
It may be necessary to allow certain IPs to make connections that may appear to be attacks.
For example, if you have a third party company that regularly benchmarks your services for
maximum load handling, you will need to allow that company uninterrupted access. You
can use a specific IP address or specify a network range (i.e. xxx.xxx.xxx.0/24). Separate
each entry with a colon (:).
Duration to Block Attackers
This sets the amount of time to block attacker IP addresses. It may not be desirable to block
specific IP addresses indefinitely because of the dynamic nature of IP addresses used by
the general public. You may end up blocking out potential customers in the future.
Therefore, this setting allows you to set the IP blocking duration that suite your needs.
Changing the settings in this page will not require a reboot and is effective once you click
the confirm button.
