We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

How can I prevent session-based Denial of Service (DoS) attacks with the Barracuda Web Application Firewall?

  • Type: Knowledgebase
  • Date changed: 7 years ago

Solution #00005881


Scope:

This solution applies to the Barracuda Web Application Firewall, all firmware versions.

Answer:
Session tracking will enable the Barracuda Web Application Firewall to limit the number of sessions originating from a particular client IP address in a given interval of time. Limiting the session generation rate by client IP helps prevent session-based Denial of Service (DoS) attacks.

To configure Session tracking you need to go to Websites > Advanced Security > Session Tracking and click on 'Edit' for the service to which we need to enable Session tracking.

New Session Count - Specifies the maximum number of new sessions allowed per IP address in a given time interval (specified below).
Range: 1 - 65535
Default: 10

Interval - Specifies a time window in seconds. Within this time period, the same client will not be allowed to establish more sessions than that specified in the 'New Session Count' parameter above.
Range: 1 - 6000 seconds
Default: 60

Status - Set this parameter to On to activate session tracking to limit the requests originating from a particular client IP address in a given interval of time for this service..
Default: Off

Session Identifiers - Select the token type which is used to recognize sessions.

Exception Clients: Specify the IP addresses that should be exempted (not locked out). You can enter a single, or a range of IP addresses, or a combination of both with comma (,) as a delimiter. The range of IP addresses must be separated with a hyphen (-). This makes an exception list of client IPs (permitted users). This list should not have any overlapping IP ranges.
Values: Suitable IP Range

Link to this page:

https://campus.barracuda.com/solution/50160000000IgnYAAS