Details
The connectionTimeout setting allows Tomcat to close idle sockets after a specific amount of time to save system resources.
Rationale:
Closing idle sockets reduces system resource usage which can provide better performance and help protect against Denial of Service attacks.
Impact:
This timeout will also apply when reading any request body when disableUploadTimeout is not set to false.
Solution
Set the connectionTimeout for each connector in $CATALINA_HOME/conf/server.xml to the optimal number of milliseconds based on hardware resources, load, and number of concurrent connections.
connectionTimeout="60000"
Default Value:
By default this is set to 60000 (i.e. 60 seconds).
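One way to audit this setting across every connector, as an added example that is not part of the original benchmark text. The function name, the sample server.xml and the `max_ms` ceiling are assumptions made for illustration; choose the ceiling that suits your own hardware and load.

```python
import xml.etree.ElementTree as ET

TOMCAT_DEFAULT_MS = 60000  # default value stated in this control

# Constructed sample server.xml (not taken from a real deployment)
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443"/>
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" connectionTimeout="-1"/>
    <Connector port="8009" protocol="AJP/1.3"/>
    <Connector port="8081" protocol="HTTP/1.1" connectionTimeout="300000"/>
    <Connector port="8082" protocol="HTTP/1.1" connectionTimeout="${conn.timeout}"/>
  </Service>
</Server>"""


def audit_connection_timeouts(server_xml, max_ms=TOMCAT_DEFAULT_MS):
    """Return one (port, status, detail) tuple per <Connector> element.

    max_ms is an assumed policy ceiling, not a value mandated by the control.
    """
    results = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        port = conn.get("port", "?")
        raw = conn.get("connectionTimeout")
        if raw is None:
            # Attribute absent: the connector silently relies on the default
            results.append((port, "REVIEW",
                            f"not set explicitly; default {TOMCAT_DEFAULT_MS} ms applies"))
            continue
        try:
            value = int(raw.strip())
        except ValueError:
            # e.g. a ${property} placeholder that Tomcat resolves at startup
            results.append((port, "REVIEW", f"non-numeric value {raw!r}"))
            continue
        if value <= 0:
            results.append((port, "FAIL",
                            f"{value}: non-positive value (-1 disables the timeout)"))
        elif value > max_ms:
            results.append((port, "FAIL", f"{value} ms exceeds ceiling of {max_ms} ms"))
        else:
            results.append((port, "PASS", f"{value} ms"))
    return results


if __name__ == "__main__":
    for port, status, detail in audit_connection_timeouts(SAMPLE_SERVER_XML):
        print(f"{status:6} port {port}: {detail}")
```

To check a real installation, pass the contents of $CATALINA_HOME/conf/server.xml to `audit_connection_timeouts` in place of the sample string.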
Supportive Information
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: Unix.