iCompaas Support

Description:

The PostgreSQL parameter connection_throttling enables throttling of excessive connection attempts and logs repeated failed connections coming from the same source. When enabled, PostgreSQL can detect “connection storms” or brute-force authentication patterns and throttle them to protect server stability. In Azure PostgreSQL (Single and Flexible Servers), this parameter is important for preventing misuse, monitoring abnormal behavior, and maintaining availability under load or malicious activity.

Rationale:

• Helps detect and limit brute-force attacks or credential-stuffing attempts.

• Prevents connection floods that may be caused by compromised applications or malicious users.

• Adds visibility into repeated failed connection attempts.

Impact:

• Enhanced protection against connection-based DoS attacks.

• Reduced the risk of saturation of backend processes under heavy connection storms.

• Improved audit visibility into repeated connection failures.

• Stabilizes the database under malformed application behavior.

Default Value:

• For Azure Database for PostgreSQL Flexible Server, the default for connection_throttling is typically OFF.

Pre-requisites:

• Global Administrator or Security Administrator permissions.

• Must be Azure Database for PostgreSQL – Flexible Server (or Single Server if the parameter is supported).

Test Plan:

1. Sign in to the Azure Portal at https://portal.azure.com

2. Search for and open the Azure Database for PostgreSQL Flexible Server

3. Select the target PostgreSQL server

4. From the left menu, under settings, select Server parameters

5. Search for the parameter connection_throttle.enable

6. Verify the parameter value is set to ON

7. If connection_throttle.enable is not set to ON, follow the implementation steps

Implementation Plan:

1. Log in to the Azure Portal.

2. Search for your Azure Database for PostgreSQL server (Single or Flexible).

3. On the left-hand menu, under the Settings section, select server parameters.

4. Search for connection_throttling. Change the value to ON.

5. Save the changes.

Backout Plan:

1. Sign in to the Azure Portal at https://portal.azure.com

2. Search for and open the PostgreSQL Flexible Server

3. From the left menu, select Server parameters

4. Search for the parameter connection_throttle.enable

5. Set the value to OFF

6. Click Save to apply the change

Reference:

• https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/param-connections-authentication-connection-settings?pivots=postgresql-17