Specifies the maximum number of requests that are allowed to access this application from the same source IP address within the given period of time (in seconds). Note that the request frequency filter is based on a statistical function that approximates the real request frequency in a very efficient way. Therefore, there exists a small associated variance in the number of requests that are allowed which may be noticed in tests. For productive scenarios, the request frequency filter of Airlock Gateway should give satisfying results.
When the request threshold is reached, the requests will be blocked with HTTP response status code 503
(instead of 400
).
The log message will be accordingly:
WR-SG-BLOCK-160, "Maximum number of allowed requests (...) within ... seconds for this IP (...) reached". attack_type: Denial of service, block_type: DOS Thresholds, constraint: Threshold