The wso2throttle module is for controlling client access to web service engine. Using the management console of a Carbon server, you can enable access throttling at global level, operational level or service level.
Follow the instructions below to configure the wso2throttle module on a global level.
1. In the Deployed Modules page, click on the Configure link associated with the wso2throttle module.
2. The Global Throttling Configuration page appears. In the Enable Throttling list, select Yes from the drop-down menu.
3. The existing throttle configuration appears in the wizard as shown in the example below. Click Add New Entry .
To enter new parameters or modify existing parameters, select Control in the Access column.
4. Specify the parameters of a service.
Parameters for Throttling Configuration:
- Range - The IP address range or the domain is restricted from accessing the service. Requests from such clients will be restricted based on the specified values.
- Type - This indicates the type of Range. It can be IP or DOMAIN. It should be IP if the range is given as a single IP address or a range of IP addresses (for example, 10.100.1.30-10.100.1.60). It should be DOMAIN if the range is given as as a domain (for example, *.wso2.com). If you specify configurations types of both IP and DOMAIN, first priority will be given to DOMAIN level configurations.
- Maximum Request Count (MRC) - If Access is set to Control, it will be the maximum number of requests that are served within the time interval specified by the Unit Time parameter.
- Unit Time (UT) - The time period in milliseconds during which the maximum requests served. This is the number specified by the Maximum Request Count. The throttle starts counting the number of units from the moment it is enabled and the number of requests served within that period.
- Prohibit Time Period (PTP) - If the maximum request count is achieved before the unit time, this is the period during which no more requests are allowed to go in. By setting this value, the unit time slot is altered.
- Allow - Means that no restriction is applied for that range and all requests are allowed to go in as they come in.
- Deny - Means that access is completely denied for that range.
- Control - Allows to modify the parameter.
When the Access is set to Allow or Deny , MRC, UT and PTP parameters are not necessary and the said fields are deactivated. If it is Control , then the specified constraints are applied for that particular range.
- Actions - Allows to delete a parameter.
MRC = 50, UT = 50000, PTP = 5000If 50 requests are arrived within 35000ms (35s) in a particular time period, no more requests are taken in for another 5000ms (5s = PTP). This time the UT is altered to 35000ms + 5000ms = 40000ms (40s)