Adobe 38043740 Lockdown Guide - Page 63

5.2 Server Settings > Request Tuning The Request Tuning settings can help mitigate the ability to perform a successful Denial of Service (DOS) attack on your server. Setting Maximum number of simultaneous Template requests Default 25 Maximum number 5 of simultaneous Flash Remoting requests Maximum number 5 of simultaneous Web Service requests Recommendation Description Tuned based on hardware capabilities, and application characteristics. When this setting is too high or too low the ability to perform a denial of service attack increases. When too low requests will be queued when the server is placed under load. When too high requests may not be queued under load causing the CPU time of all requests to increase significantly (known as context switching). Find a good medium by performing load tests against your production environment, use the value that has the ability to serve the most requests per second. 1 if not using Flash Remoting, otherwise tuned. If your applications do not use flash remoting set this value to 1. If you do use flash remoting use a load testing approach to find the optimal value for this setting. 1 if not using SOAP web services, otherwise tuned If your applications do not use SOAP web services set this value to 1. Otherwise tune this setting using load tests. 63