Username
|
The username of the administrator.
admin is the default username.
|
Password
|
The password of the administrator.
admin is the default password.
The password must be entered twice and both passwords must match.
|
Address
|
The IP address or the host name to listen to.
* indicates any ip address or host name.
* is the default for iServer.
|
Port
|
The port number to use, a value from 1 to 65536.
8080 is the default port for iServer.
80 is the default port for Web Servers.
443 is the default port for SSL Web Servers.
Only one application at a time can use any given port number.
|
Default Files
|
The default document to use when one is not specified.
index.html is the default for iServer.
Zero or more comma delimited file names can be specified.
|
Connections
|
The default number of threads to startup.
25 is the default for iServer.
The number specified must be greater than or equal to 5.
|
Maximum Connections
|
The maximum number of threads to startup.
50 is the default for iServer.
The value must be greater than or equal to the number of connections.
|
Backlog
|
The maximum number of pending request to queue.
50 is the default for iServer.
The number specified must be greater than or equal to 0.
|
Timeout
|
The number of milliseconds to wait for the client to respond before closing
the connection.
300000 milliseconds (5 minutes) is the default for iServer.
If -1 is used the connection will never to timeout. Using this
value is dangerous and opens the server to denial of service attacks.
If the value is less 1000 then 1000 will be used.
|
Shutdown Delay
|
The number of seconds to wait for requests being processed to complete before
shutting down the server.
60 seconds is the default for iServer.
-1 can be used to wait for all requests to finish processing. Using
this value may result in the server hanging while trying to shutdown waiting
for a request the will never complete.
|
Keep Alive Enabled
|
Used to indicate whether the connection should be kept open between requests.
Yes is the default for iServer.
Setting this value to No may have a negative impact on performance.
|
Keep Alive Requests
|
The maximum number of consecutive requests that will be allowed before the
connection is closed.
5 is the default for iServer.
-1 can be used to always keep the connection alive. Using this value
is dangerous and opens the server to denial of service attacks.
The number must be at least 5.
Setting this value too large may result in denial of service.
|
Keep Alive Timeout
|
The maximum number of seconds to service a client requests before closing
the connection.
30 seconds is the default for iServer.
-1 can be used to always keep the connection alive. Using this value
is dangerous and opens the server to denial of service attacks.
The number must be 15 or more seconds.
Setting this value too large may result in denial of service.
|
Temporary Directory
|
the temporary directory used by the Servlet Context Manager.
./temp is the default for iServer.
If a relative directory is specified then the temporary directory is relative to the iServer's base directory.
|
Connection Pool Interval
|
the number of minutes between running the Connection Pool Monitor.
5 minutes is the default for iServer.
-1 can be used to keep connections open in the pool. Using
this value may result in database connection timeouts.
The number must be at least 1.
Setting this value too small may impact performance and setting this value
too large can result in database connection timeouts.
|
Directory Access
|
Whether to allow directories to be displayed.
No is the default for iServer.
Setting this value to Yes is potentially a security hole.
iServer's FileServlet uses directory.html and directory_item.tf
in iws_dir/html/ when display directories, where
iws_dir is the directory where iServer was installed or deployed.
|
Shell Access
|
Whether to allow CGI scripts and SSI #exec to have shell access.
No is the default for iServer.
Setting this value to Yes is potentially a security hole.
|
Security Enabled
|
Whether to check if a client can access resources being requested.
Yes is the default for iServer.
Setting this value to Yes may have a negative impact on performance.
|
DNS Lookup
|
Whether to lookup the name of the remote client.
If set to No then the IP address of the remote client will be used.
No is the default for iServer.
Setting this value to Yes may have a negative impact on performance.
|
Servlet Chaining
|
Whether to allow Servlet chaining.
No is the default for iServer.
Setting this value to Yes may have a negative impact on performance.
|
Remote Administer
|
Whether to allow computers other than localhost (127.0.0.1) to administer
iServer.
Yes is the default for iServer.
Setting this value to Yes is potentially a security hole.
|
SSL Support
|
Whether to enable Secure Socket Layer (SSL) support.
No is the default for iServer.
Setting this value to Yes requires Java 1.2.0 or later and may have
a negative impact on performance.
|
Administrators should immediately change the default Username/Password from
the Server form [Login > Monitor > Control Panel > Manage >
Server].
Username/Password should not be any obvious word, easily guessed terms,
should be at least 8 characters and should contain letters,
numeric and symbols.
Additionally Username/Password should be kept private, with limited
disclosure and should be changed frequently.