Hi Yitzhak,
have you checked the resulting log files in the data/.logs directory? Are there specific requests that take too much time, or is it the plain number of incoming requests that eventually slows down the system?
Best, Christian
On Mon, Apr 3, 2023 at 4:29 PM ykhabins@bellsouth.net wrote:
Hello,
We are using BaseX 10.5 via its HTTP service in a corporate environment.
We have an automated Qualys Agent that does a vulnerability scan of that server with the BaseX.
Qualys Agent scan process includes web sites related tests such as Cross-Site Scripting, SQL Injection, etc.
The rapid nature of the Qualys Agent requests effectively gives us a DoS attack on the eclipse.jetty.server.
It cannot process so many requests and goes down.
In the meantime, our solution is to restart BaseX HTTP service manually via basexhttp.bat.
Question: is it possible to somehow configure the eclipse.jetty.server so it will be able to sustain the Qualys Agent vulnerability scan?
Regards, Yitzhak Khabinsky