How do I configure attack-detection mode for a server or a server group?

FAQ ID:    FAQ2097
Version:    1.0
Status:    Published
Published date:    04/23/2012



The ProxySG prevents an attack on a server or a server group by limiting the number of simultaneous connection requests to the server or server group. When you enable attack detection for servers, the ProxySG maintains a counter (server request limit) for incoming connection requests. When the number of simultaneous requests exceeds this counter, it triggers the server request limit exceeded threshold. At this threshold, the maximum number of inbound connections that the ProxySG permits to any server or server group, the ProxySG blocks further incoming requests. This action prevents the server from being overwhelmed and thereby preempts the server from becoming unresponsive or crashing.

When the server request limit exceeded threshold is reached, the Web browser displays an HTTP 503, “Server not reachable” response to the user.

To add a server or create a server group:

  1. At the (config) prompt enter the following commands:

SGOS#(config) attack-detection

SGOS#(config attack-detection) server

The prompt changes to SGOS#(config server)

  1. You must add a server/create a server group before you can make changes to the configuration. Create the first host in a server group, using the fully qualified domain name:

SGOS#(config server) create hostname

To edit a server or server group:

SGOS#(config server) edit hostname

The prompt changes to (config server hostname).

SGOS#(config server hostname) {add | remove} hostname

Remember to use the fully qualified domain name for each server that you add. For example, to add a couple servers to the bluecoat.com server group enter the following commands:

SGOS#(config server bluecoat.com) add intranet.bluecoat.com

SGOS#(config server bluecoat.com) add kbase.bluecoat.com

To modify the request limit:

SGOS#(config server hostname) request-limit integer_from_1_to_65535

The default value is 1000.

To view the server or server group configuration:

SGOS#(config server hostname) view


SGOS#(config server bluecoat.com) view
Server configuration for bluecoat.com:

Request limit: 1000




Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.

Your response will be used to improve our document content.

Ask a Question