Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Jetty/Reference/DoSFilter"
m |
m |
||
| Line 20: | Line 20: | ||
The following init parameters control the behavior of the filter: | The following init parameters control the behavior of the filter: | ||
| − | * <tt>maxRequestsPerSec</tt>–Maximum number of requests from a connection per second. Requests in excess of this are first delayed, then throttled. | + | * <tt>maxRequestsPerSec</tt>–Maximum number of requests from a connection per second. Requests in excess of this are first delayed, then throttled. Default is 25. |
* <tt>delayMs</tt>–Delay imposed on all requests over the rate limit, before they are considered at all: | * <tt>delayMs</tt>–Delay imposed on all requests over the rate limit, before they are considered at all: | ||
| + | ** 100 (ms) = Default | ||
** -1 = Reject request | ** -1 = Reject request | ||
** 0 = No delay | ** 0 = No delay | ||
** any other value = Delay in ms | ** any other value = Delay in ms | ||
| − | * <tt>maxWaitMs</tt>–Length of time, in ms, to blocking wait for the throttle semaphore. | + | * <tt>maxWaitMs</tt>–Length of time, in ms, to blocking wait for the throttle semaphore. Default is 50. |
| − | * <tt>throttledRequests</tt>–Number of requests over the rate limit able to be considered at once. | + | * <tt>throttledRequests</tt>–Number of requests over the rate limit able to be considered at once. Default is 5. |
| − | * <tt>throttleMs</tt>–Length of time, in ms, to async wait for semaphore. | + | * <tt>throttleMs</tt>–Length of time, in ms, to async wait for semaphore. Default is 30000L. |
* <tt>maxRequestMs</t>–Length of time, in ms, to allow the request to run. | * <tt>maxRequestMs</t>–Length of time, in ms, to allow the request to run. | ||
* <tt>maxIdleTrackerMs</t>–Length of time, in ms, to keep track of request rates for a connection, before deciding that the user has gone away, and discarding it. | * <tt>maxIdleTrackerMs</t>–Length of time, in ms, to keep track of request rates for a connection, before deciding that the user has gone away, and discarding it. | ||
Revision as of 12:22, 3 September 2010
Contents
Introduction
The Denial of Service (DoS) filter limits exposure to request flooding, whether malicious, or as a result of a misconfigured client. The filter keeps track of the number of requests from a connection per second. If the requests exceed the limit, Jetty rejects, delays, or throttles the request, and sends a warning message. This works on the assumption that the attacker might be written in simple blocking style, so by suspending requests you are hopefully consuming the attacker's resources. The DoS filter is related to the QoS filter, using Continuations to prioritize requests and avoid thread starvation.
Using the DoS Filter
Jetty places throttled requests in a priority queue, giving priority first to authenticated users and users with an HttpSession, then to connections identified by their IP addresses. Connections with no way to identify them have lowest priority. To uniquely identify authenticated users, you should implement the The extractUserId(ServletRequest request) function.
Required JARs
To use the QoS Filter, these JAR files must be available in WEB-INF/lib:
- $JETTY_HOME/lib/jetty-util.jar
- $JETTY_HOME/lib/ext/jetty-servlets.jar - contains DoSFilter
Sample Configuration
Configuring DoS Filter Parameters
The following init parameters control the behavior of the filter:
- maxRequestsPerSec–Maximum number of requests from a connection per second. Requests in excess of this are first delayed, then throttled. Default is 25.
- delayMs–Delay imposed on all requests over the rate limit, before they are considered at all:
- 100 (ms) = Default
- -1 = Reject request
- 0 = No delay
- any other value = Delay in ms
- maxWaitMs–Length of time, in ms, to blocking wait for the throttle semaphore. Default is 50.
- throttledRequests–Number of requests over the rate limit able to be considered at once. Default is 5.
- throttleMs–Length of time, in ms, to async wait for semaphore. Default is 30000L.
- maxRequestMs</t>–Length of time, in ms, to allow the request to run.
- <tt>maxIdleTrackerMs</t>–Length of time, in ms, to keep track of request rates for a connection, before deciding that the user has gone away, and discarding it.
- <tt>insertHeaders</t>–If true, insert the DoSFilter headers into the response. Defaults to true.
- <tt>trackSessions</t>–If true, usage rate is tracked by session if a session exists. Defaults to true.
- <tt>remotePortIf true and session tracking is not used, then rate is tracked by IP+port (effectively connection). Defaults to false.
- ipWhitelistA comma-separated list of IP addresses that will not be rate limited.
- managedAttrIf set to true, then this servlet is set as a ServletContext attribute with the filter name as the attribute name. This allows context external mechanism (eg JMX via ContextHandler.MANAGED_ATTRIBUTES) to manage the configuration of the filter.