Does Openfire offer any level of protection from DoS attacks?
Here’s why I ask- an experimental client that we have under development went berserk this morning and started sending out 300+ presence messages a minute, alternating between “invisible” and “available”. Within 5-10 minutes Openfire had become unresponsive and had to be bounced (it was running on a dual Xeon with 4GB+ RAM). I would have expected some logic in Openfire to kick any JID that generates this much nonsense traffic… (of course that doesn’t protect the network layer, but there are other methods for that.) Is there a setting that I am missing? Or does this protection not exist?
Note: I did a forum search for “Denial of Service” and “DoS” and got nothing of use- sorry if this post rehashes old ground.
Cheers,
Dan