Open the console and select Server Configuration to display the general server configuration dialog.
The following subsections describe the server configuration options.
Select Parameters in the Server Configuration dialog to display the server parameters dialog.
The dialog includes the following fields:
Server Root: The root path of the web server. By default, it is the directory where Abyss Web Server executable is installed. It is used as the base path for all relative real paths in the configuration.
Timeout: How many seconds the server waits for an inactive connection before closing it.
Keep-Alive Requests: The maximum number of requests that can be served over the same connection. Only HTTP/1.1 and some HTTP/1.0 compliant browsers can benefit from this feature.
Maximum Simultaneous Requests: The maximum number of requests the server can serve in parallel.
When the server sends a document to a browser, it also sends its MIME type. This information helps the browser to know what kind of file it is (HTML, ZIP, JPEG image, etc…) and what to do with it (display it, save it on the disk, launch a configured application to read it, etc…). Abyss Web Server comes with a preset list of common MIME types. To modify this list, select MIME Types in the server configuration menu.
Use the displayed table to edit, remove or add MIME types. A MIME Type has the format type/subtype and is associated to one or more extensions separated by spaces.
Abyss Web Server gives you complete control over the bandwidth the server uses when answering to requests. Select Global Bandwidth Limits in the Server Configuration dialog to display the global bandwidth parameters dialog. For finer bandwidth settings, you should use Bandwidth Limits in every host configuration menu.
The dialog contains the following fields:
Maximum Total Bandwidth: The amount of output bandwidth that the server should not exceed for all the connections. If empty or set to 0, it is considered as unlimited.
Maximum Bandwidth Per IP Address: The total amount of output bandwidth that the server should not exceed for all the connections made by a single IP address. If empty or set to 0, it is considered as unlimited.
Note: Abyss Web Server does always its best to deliver data to clients while respecting the restrictions set on the bandwidth. For example, assume that Maximum Total Bandwidth is set to 10 KB/s and Maximum Bandwidth Per IP Address to 4 KB/s. If there are 2 clients connecting from different IP addresses, the server allocates to each of them a bandwidth of 4 KB/s. But if there are 5 clients, the server will allocate to each of them only 2 KB/s.
Although Abyss Web Server is secure and has an integrated system to prevent malicious accesses to the server, it was equipped with an automatic anti-hacking protection system to detect clients that are trying to attack the server and to ban them. This system improves the overall security, detects at an early stage denial of service attacks, and saves the bandwidth that could be wasted during attacks.
To configure the anti-hacking system, select Anti-Hacking Protection in the Server Configuration dialog.
The displayed dialog is made of the following items:
Enable Automatic Anti-Hacking Protection: Check it to enable the automatic anti-hacking protection system.
Do not Monitor Requests from: This table contains the IP addresses or IP address ranges that should not be protected against hacking. Refer to "IP Addresses and Ranges Format" appendix for more information about the IP addresses and ranges. Fill this table with trusted IP addresses only.
Bad Requests Count Before Banning: The number of tolerated bad requests before considering the client as attempting to hack the server. A request that results in a reply which HTTP status code is 400 or 401 is counted as a bad request. A request that results in a reply which HTTP status code is 403, 404, 405, or 408 is counted as half a bad request.
Monitoring Period: The server considers only the bad requests that are generated by a client during the last Monitoring Period to decide whether to ban it or not. The bigger this parameter is, the more memory the anti-hacking system needs to record all the bad requests.
Banning Duration: How much time a client is banned when it is considered as hacking the server.
In other words, the anti-hacking system works as follows: If a client has generated Bad Requests Count Before Banning bad requests during the last Monitoring Period seconds, then ban it for the next Banning Duration seconds. When a client is banned, the server will not accept connections from it.
Note: The server preserves the list of banned clients when it is shutdown. So if a client was banned for 2 hours at 10:00, and if the server was stopped at 10:15 and restarted at 11:00, the server will continue to not accept requests from the banned client until 12:00.