Table of Contents
Advertisement
Related commands
http-flood action
http-flood detect
http-flood detect non-specific
http-flood threshold
Use http-flood threshold to set the global threshold for triggering HTTP flood attack prevention.
Use undo http-flood threshold to restore the default.
Syntax
http-flood threshold threshold-value
undo http-flood threshold
Default
The global threshold is 1000 for triggering HTTP flood attack prevention.
Views
Attack defense policy view
Predefined user roles
network-admin
mdc-admin
Parameters
threshold-value: Specifies the threshold value. The value range is 1 to 1000000 in units of HTTP
packets sent to an IP address per second.
Usage guidelines
With global HTTP flood attack detection configured, the device is in attack detection state. When the
sending rate of HTTP packets to an IP address reaches the threshold, the device enters prevention
state and takes the specified actions. When the rate is below the silence threshold (three-fourths of
the threshold), the device returns to the attack detection state.
The global threshold applies to global HTTP flood attack detection. Adjust the threshold according to
the application scenarios. If the number of HTTP packets sent to a protected HTTP server is normally
large, set a large threshold. A small threshold might affect the server services. For a network that is
unstable or susceptible to attacks, set a small threshold.
Examples
# Set the global threshold to 100 for triggering HTTP flood attack prevention in attack defense policy
atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] http-flood threshold 100
Related commands
http-flood action
http-flood detect
http-flood detect non-specific
569
Advertisement
Table of Contents
