Product Documentation

Define an HTTP DoS policy

After you enable HTTP DoS protection, you next create a policy.

Note: Before changing the default setting for Client Detect Rate, see Tuning the Client Detection/JavaScript Challenge Response Rate.

Configure a HTTP DoS policy by using the CLI

At the command prompt, type one of the following commands to configure an HTTP DoS policy and verify the configuration:

-  add dos policy <name> -qDepth <positive_integer> [-cltDetectRate <positive_integer>]
-  set dos policy <name> -qDepth <positive_integer> [-cltDetectRate <positive_integer>]

Example:

> add dos policy pol-HTTP-DoS  -qDepth 30
 Done
> set dos policy pol-HTTP-DoS  -qDepth 40
 Done
> show dos policy
1)      Policy: pol-HTTP-DoS    QDepth: 40
 Done

Configure an HTTP DoS policy by using the GUI

  1. Navigate to Security > Protection Features > HTTP DoS.
  2. In the details pane, do one of the following:
    • To create a new policy, click Add.
    • To modify an existing policy, select the policy, and then click Open.
  3. In the Create HTTP DoS Policy or Configure HTTP DoS Policy dialog box, specify values for the parameters:
  4. Click OK to create your new policy. The policy that you created appears in the details pane, and the status bar displays a message indicating that the DoS policy is successfully configured.

Define an HTTP DoS policy