626
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] http-flood port 80 8080
Related commands
• http-flood action
• http-flood detect
• http-flood detect non-specific
http-flood threshold
Use http-flood threshold to set the global threshold for triggering HTTP flood attack prevention.
Use undo http-flood threshold to restore the default.
Syntax
http-flood threshold threshold-value
undo http-flood threshold
Default
The global threshold is 1000 for triggering HTTP flood attack prevention.
Views
Attack defense policy view
Predefined user roles
network-admin
Parameters
threshold-value: Specifies the threshold for triggering HTTP flood attack prevention. The value range is 1
to 1000000 in units of HTTP packets sent to an IP address per second.
Usage guidelines
The global threshold applies to HTTP flood attack detection for non-specific IP addresses.
Adjust the threshold according to the application scenarios. If the number of HTTP packets to a protected
HTTP server is normally large, set a large threshold. A small threshold might affect the server services. For
a network that is unstable or susceptible to attacks, set a small threshold.
Examples
# Set the global threshold to 100 for triggering HTTP flood attack prevention in attack defense policy
atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] http-flood threshold 100
Related commands
• http-flood action
• http-flood detect
• http-flood detect non-specific
To Next Page
Loading...
