- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
12-13-2016 12:12 PM
For our website we host a database in our DMZ network. When we recieve a lot of calls from the website to the database the connection get a reset because the firewall see this as an attack (40031). Is there a way to configurate that the firewall allow more connections but that we are still save for attacks?
12-13-2016 12:48 PM
You could just make an exception for that server and then setup DoS protection for the server. It won't protect against HTTP unauthorized brute-force attempts per say, but usually when people launch an attack like this they would do it in a way that will trip a DoS profile.
12-13-2016 10:22 PM
Hi BPry,
Thanks for the info. Can you give me some more information about how to setup the right settings?
12-13-2016 11:37 PM
Hi,
You can add an exception in the security profile on the basis of IP address and what it will do that it will not consider/identify this specific Threat for this source/destination.
Or, if you have specific security profile configured for this web server only, you can change the default action of this specific threat in the security profile, but make sure that it's not in use anywhere else at all, otherwise it will affect all.
DoS profile can be configured to provide protection against flood attack, it's an end host protection.
Best Regards,
Fozail
12-14-2016 12:52 AM - edited 12-14-2016 12:58 AM
you can also tweak the number of hits required for the signature to trigger :
this way you can still leverage the added protection this signature offers on top of DoS protection
or simply add the server to the exceptions and still apply the signature to all other traffic
12-14-2016 01:22 AM
All these answers helped me to configure a good policy.
Thanks all!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!