Product Documentation

Defining an HTTP DoS Policy

Sep 03, 2013

After you enable HTTP DoS protection, you next create a policy.

Note: Before changing the default setting for Client Detect Rate, see "Tuning the Client Detection/JavaScript Challenge Response Rate."

To configure a HTTP DoS policy by using the command line interface

At the command prompt, type one of the following commands to configure an HTTP DoS policy and verify the configuration:

  • add dos policy <name> -qDepth <positive_integer> [-cltDetectRate <positive_integer>]
  • set dos policy <name> -qDepth <positive_integer> [-cltDetectRate <positive_integer>]

Example

> add dos policy pol-HTTP-DoS  -qDepth 30 
 Done 
> set dos policy pol-HTTP-DoS  -qDepth 40 
 Done 
> show dos policy 
1)      Policy: pol-HTTP-DoS    QDepth: 40 
 Done 
>

To configure an HTTP DoS policy by using the configuration utility

  1. Navigate to Security > Protection Features > HTTP DoS.
  2. In the details pane, do one of the following:
    • To create a new policy, click Add.
    • To modify an existing policy, select the policy, and then click Open.
  3. In the Create HTTP DoS Policy or Configure HTTP DoS Policy dialog box, specify values for the parameters:
  4. Click OK to create your new policy. The policy that you created appears in the details pane, and the status bar displays a message indicating that the DoS policy is successfully configured.