Parameter:
HTTPMaxConnectionsPerIPShort description: Limits the number of concurrent open HTTP connections per source IP address – effective protection against simple DoS scenarios.
Profile
Parameter | HTTPMaxConnectionsPerIP |
Category | HTTP / Web |
Component | Server |
Available since | 10.0 |
Supported versions | 10.0, 11.0, 12.0, 14.0, 14.5, 14.5.1 |
GUI equivalent | Configuration document |
Possible values | Integer (typical 50 – 200); 0 = unlimited |
Description
Individual clients or malicious bots can "exhaust" a web server by opening a very large number of concurrent connections.
HTTPMaxConnectionsPerIP sets an upper bound: if a single source IP exceeds this value, the Domino HTTP task rejects further connections. This preserves capacity for regular clients. Especially on directly Internet-facing servers (without a WAF / reverse proxy in front), this is a sensible baseline hardening.Example configuration
HTTPMaxConnectionsPerIP=100
Notes & pitfalls
- Behind NAT, reverse proxies, or carrier-grade NAT, all clients appear with the same source IP – values that are too small block legitimate user groups.
- For reverse-proxy architectures, configure the limit on the upstream component and keep the value on Domino moderate.
- Takes effect after an HTTP restart (
tell http restart).
- Pairs with
HTTPProcessRedirects,HTTP_SESSION_COOKIES_SECURE, and WAF / rate-limiting in the infrastructure.