Hello,

We are using BaseX 10.5 via its HTTP service in a corporate environment.

We have an automated Qualys Agent that does a vulnerability scan of that server with BaseX.

The Qualys Agent scan process includes website-related tests such as Cross-Site Scripting, SQL Injection, etc.

The rapid nature of the Qualys Agent requests effectively gives us a DoS attack on the eclipse.jetty.server.

It cannot process so many requests and goes down.

In the meantime, our solution is to restart the BaseX HTTP service manually via basexhttp.bat.

Question: is it possible to somehow configure the eclipse.jetty.server so it will be able to sustain the Qualys Agent vulnerability scan?

Regards,
Yitzhak Khabinsky