{"description": "The <tt>MaxKeepAliveRequests</tt> directive should be set and configured to\n<sub idref=\"var_max_keepalive_requests\" /> or greater by setting the following\nin <tt>/etc/httpd/conf/httpd.conf</tt>:\n<pre>MaxKeepAliveRequests <sub idref=\"var_max_keepalive_requests\" /></pre>", "rationale": "Resource exhaustion can occur when an unlimited number of concurrent requests\nare allowed on a web site, facilitating a denial of service attack. Mitigating\nthis kind of attack will include limiting the number of concurrent HTTP/HTTPS\nrequests per IP address and may include, where feasible, limiting parameter\nvalues associated with keepalive, (i.e., a parameter used to limit the amount of\ntime a connection may be inactive).", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "it is not", "ocil": "To verify if <tt>MaxKeepAliveRequests</tt> is configured correctly in\n<tt>/etc/httpd/conf/httpd.conf</tt>, run the following command:\n<pre>$ grep -i maxkeepaliverequests /etc/httpd/conf/httpd.conf</pre>\nThe command should return the following:\n<pre>MaxKeepAliveRequests 100</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Configure The Number of Allowed Simultaneous Requests", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml", "template": null}