Specifies the maximum number of requests allowed to access this application from the same source IP address within the given period (in seconds).
The request frequency filter is based on a statistical function that efficiently approximates the real request frequency with a low variance. The variance may be noticeable during testing, but the request frequency filter should give satisfying results for productive scenarios.
When the request threshold is reached, the requests will be blocked with HTTP response status code 503
(instead of 400
).
The log message will be accordingly:
WR-SG-BLOCK-160, "Maximum number of allowed requests (...) within ... seconds for this IP (...) reached". attack_type: Denial of service, block_type: DOS Thresholds, constraint: Threshold