To avoid large buffer attacks from different HTTP clients accessing the various Fulfillment web applications:

Scenario : While you are setting up a WebLogic Server domain for a fulfillment service application
you have the following requirements: The Fulfillment application should be scalable and highly
available; different users will use the application using a different DNS name. This application is
also exposed to some business partners using other protocols in addition to HTTP and this site
also needs to be configured for transport level security. Different certificates should be installed in
the server for different clients (using different DNS names). Even the site should withstand
hardware NIC failures too. To avoid large buffer attacks from different HTTP clients accessing the
various Fulfillment web applications:

A.
Change the “Stop Buffer Attack” attribute in weblogic.xml to true.

B.
Configure “Max Post Size” to limit the maximum post size the server can accept.

C.
Configure virtual hosts to route the large buffer attacks to a dead request channel.

D.
Enable the “Tunneling” attribute for the server.


Leave a Reply

Your email address will not be published. Required fields are marked *