This chapter discusses how SavaPage secures sensitive user and application data, and how it communicates with external Information Providers.
A Denial of Service Filter (DoSFilter) keeps track of the number of requests from
a connection to the SavaPage server per second. If a limit is exceeded, the
request is either delayed, throttled, rejected or aborted. A throttled request is
placed in a queue and will only proceed when there is capacity. HTTP status code
429 is sent if there are too many requests.
Details of the filtered requests are persisted in the rotating log file:
/opt/savapage/server/logs/security.log
This file has a tab-separated value (TSV) format for easy import into, and
manipulation in, spreadsheet programs. See
/opt/savapage/server/data/log4j.properties for more information.
If your log4j.properties does not contain the "Security Logger" section, copy it from:
/opt/savapage/server/examples/data/log4j.properties.template
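
To triage security.log, the following added example (not SavaPage code) counts filtered requests per remote address and reports the largest burst inside a 60-second window. The column order, timestamp format and action labels in the sample are assumptions constructed for illustration; take the real layout from the "Security Logger" section of your log4j.properties and pass the column indexes accordingly.

```python
import csv
import io
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample, NOT real SavaPage output. Assumed columns:
# timestamp <TAB> action <TAB> remote address <TAB> request path
SAMPLE_LOG = (
    "2024-05-01 10:00:00\tdelayed\t192.0.2.10\t/api\n"
    "2024-05-01 10:00:01\tthrottled\t192.0.2.10\t/api\n"
    "2024-05-01 10:00:02\trejected\t192.0.2.10\t/api\n"
    "2024-05-01 10:00:05\tdelayed\t198.51.100.7\t/user\n"
    "truncated line without tabs\n"
    "2024-05-01 10:09:00\tdelayed\t198.51.100.7\t/user\n"
)

def summarize(tsv_text, ts_col=0, action_col=1, addr_col=2, window_secs=60):
    """Per remote address: action counts and peak events inside one window."""
    times = defaultdict(list)
    actions = defaultdict(Counter)
    skipped = 0
    for row in csv.reader(io.StringIO(tsv_text), delimiter="\t", quoting=csv.QUOTE_NONE):
        try:
            ts = datetime.fromisoformat(row[ts_col])
            addr, action = row[addr_col], row[action_col]
        except (IndexError, ValueError):
            skipped += 1  # malformed, empty or partially written line
            continue
        times[addr].append(ts)
        actions[addr][action] += 1
    window = timedelta(seconds=window_secs)
    report = {}
    for addr, stamps in times.items():
        stamps.sort()
        peak = start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window start forward
                start += 1
            peak = max(peak, end - start + 1)
        report[addr] = {"actions": dict(actions[addr]), "peak": peak}
    return report, skipped

def noisy_sources(report, min_peak=3):
    """Addresses whose peak burst reaches min_peak, busiest first."""
    hits = [(a, r["peak"]) for a, r in report.items() if r["peak"] >= min_peak]
    return sorted(hits, key=lambda h: -h[1])

if __name__ == "__main__":
    print(noisy_sources(summarize(SAMPLE_LOG)[0]))
```

An address that shows up here but belongs to a trusted integration is a candidate for system.dosfilter.whitelist; a non-zero skipped count means the assumed column indexes or timestamp format do not match the file.
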
Configuration property | Description |
---|---|
system.dosfilter.enable | Set to DoSFilter statistics are shown in the Admin Web App. See Section 4.3.7, “Filtered Requests”. |
system.dosfilter.delay-msec | Delay (in milliseconds) that is applied to all requests over the rate limit |
system.dosfilter.max-idle-tracker-msec | Maximum amount of time (in milliseconds) to keep track of request rates for a connection, before deciding that the user has gone away, and discarding it. Default: |
system.dosfilter.max-request-msec | Maximum amount of time (in milliseconds) to allow the request to process. Default: |
system.dosfilter.max-requests-per-sec | Maximum number of requests from a connection per second. Requests in excess of this are first delayed, then throttled. Default: |
system.dosfilter.throttle-msec | Amount of time (in milliseconds) to async wait for semaphore. Default: |
system.dosfilter.throttled-requests | Number of requests over the rate limit able to be considered at once. Default: |
system.dosfilter.too-many-code | HTTP status code to send if there are too many requests. Default: 429 (too many requests). 503 (service unavailable) is another option. |
system.dosfilter.whitelist | Comma-separated list of host names or IP addresses, either in the form of a dotted decimal notation |
system.dosfilter.warn-interval.applog.mins | Interval (minutes) within which DoSFilter events are totaled and written as a warning in the Application Log. The expiration of the interval is triggered by a DoSFilter event. Default: |
system.dosfilter.warn-interval.webapp.secs | Interval (seconds) within which DoSFilter events are totaled and sent as a Real-time Activity warning with popup message to the Admin Web App. Default: |
Table 17.1. DoSFilter Configuration Properties
See Section 4.11.14, “Config Editor” on how to set these properties.