General

On the General tab, specify the following Web server settings:

•Dr.Web Server address—IP address or DNS name of Dr.Web Server.

Parameter is specified in the following format:

<Dr.Web Server IP address or DNS name>[:<port>]

If the Dr.Web Server address is not specified, computer name returned by the operating system or the Dr.Web Server network address: DNS name, if available, otherwise—IP address are used.

If the port number is not specified, the port from a request is used (e.g., for requests to Dr.Web Server from the Control Center or via the Web API). Particularly, for the requests from the Control Center it is the port specified in the address line for connection of the Control Center to Dr.Web Server.

•Number of parallel requests from clients—number of parallel requests processed by the Web server. This parameter affects server performance. It is not recommended to change this parameter without need.

•IO threads number—number of threads serving data transmitted in network. This parameter affects the Dr.Web Server performance. It is not recommended to change this parameter without need.

•time-out of HTTP/1 session (sec.)—HTTP version 1 protocol session time-out. For persistent connections, Dr.Web Server releases the connection, if there are no requests received from a client during specific time slot. time-out is relevant before the first data exchange within the session.

•Minimal send rate via HTTP/1 (BPS)—minimal acceptable data send rate. If outgoing network speed is lower than this value, connection will be rejected. Specify 0 to ignore this limit.

•Minimal receive rate via HTTP/1 (BPS)—minimal acceptable data receive rate. If incoming network speed is lower than this value, connection will be rejected. Specify 0 to ignore this limit.

•Send time-out for HTTP/1 (sec.)—data send time-out within opened session on HTTP/1 protocol. If unable to send data during specific time slot, the session is closed.

•Receive time-out for HTTP/1 (sec.)—Data receive time-out within opened session on HTTP/1 protocol. If there are no requests received from a client during specific time slot, the session is closed. time-out is relevant after the first data exchange within the session.

•Send buffer size (KB)—size of buffers used when sending data. This parameter affects server performance. It is not recommended to change this parameter without need.

•Receive buffer size (KB)—size of buffers used when receiving data. This parameter affects server performance. It is not recommended to change this parameter without need.

•Max request length (KB)—Maximum allowed size of HTTP request.

•Enable flood attack protection—set the flag to provide protective measures against flood attacks. Specify the following parameters of attack detection:

▫Period (sec)—time period in seconds during which the certain number of requests must be received to confirm the flood attack from the client.

▫Requests number—the minimum number of requests that must be received during certain time period to confirm the flood attack from the client.

▫Ban duration (sec)—connections from the client will be prevented for the specified number of seconds.

In the Compression section, you can specify parameters of a traffic compression for data transmission over a communication channel with the Web server via HTTP/HTTPS:

•Maximal response size to compress (KB)—maximal size of HTTP responses which will be compressed. Specify the 0 value to disable limitation on maximal size of HTTP responses to be compressed.

•Minimal response size to compress (B)—minimal size of HTTP responses which will be compressed. Specify the 0 value to disable limitation on minimal size of HTTP responses to be compressed.

•Priority order of compression types:

▫Defined by client—priority order of compression types is defined by a client considering the allowed compression types.

▫Defined by server—priority order of compression types is defined by the server considering the allowed compression types. In this case, specify the using order of compression types in the list below. To change the order, drag and drop corresponding block over the root.

You can enable or disable and also set the order of use (if the order is defined by Dr.Web Server) the following compression types:

▫Use GZIP compression—set the flag to use this type of compression. In the GZIP compression level field, specify the value in the range 0-9. The 0 value disables compression.

▫Use Deflate compression—set the flag to use this type of compression. In the Deflate compression level field, specify the value in the range 0-9. The 0 value disables compression.

▫Use Brotli compression—set the flag to use this type of compression. In the Brotli compression level field, specify the value in the range 0-11. The 0 value disables compression.

•Replace IP addresses—set the flag to replace IP address with DNS names of computers in the Dr.Web Server log file.

•Enable HTTP/2 support—set the flag to support connections with the web server via HTTP protocol version 2.

▫Time-out of HTTP/2 session (sec.)—HTTP version 2 protocol session time-out. For persistent connections, server releases the connection, if there are no requests received from a client during specific time slot.

•Keep-alive TLS connection—set the flag to use keep-alive TLS connection. Older browsers may not work properly with regular TLS connections. Disable this parameter, if you have problems with TLS protocol.

•Certificate—path to TLS certificate file. The drop-down list contains available certificates from the Dr.Web Server folder.

•SSL private key—path to TLS private key file. The drop-down list contains available private keys from the Dr.Web Server folder.

•Encryption key for TLS session tickets—the path to encryption key for TLS session tickets. Used to resume a TLS session based on session tickets which are encrypted using the specified key.

•Allowed cipher list—the string defining the list of ciphers from OpenSSL package that allowed for use in client connections. Leave the field blank to use the DEFAULT value that means ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2.