iCompaas Support

Profile Applicability:

• Level 1
  

Description:
 The connection_throttling parameter in PostgreSQL controls the throttling of incoming connections when the server is under heavy load. Enabling this setting helps prevent Denial of Service (DoS) attacks and ensures that the database can handle a high number of legitimate users without degrading the server's performance.

Rationale:
 By enabling connection_throttling, PostgreSQL can protect itself from being overwhelmed by too many concurrent connections. This ensures that the system continues to perform optimally even under heavy load, preventing service degradation and potential outages.

Impact:

• Pros:
  

  • Prevents overloading of database resources by limiting the number of concurrent connections.
    

  • Helps in mitigating DoS attacks that target connection resources.
    

  • Improves the overall stability and performance of the server.
    

• Cons:
  
  

  • If set too low, legitimate users may experience delays or be unable to connect during peak usage.
    

  • Requires careful tuning to balance performance and protection.
    

Default Value:

By default, connection_throttling is set to OFF.

Pre-requisites:
 Ensure that the PostgreSQL server is under sufficient resource capacity to handle the number of connections required, even with throttling enabled.

Remediation

Test Plan:

Using Azure Portal:

1. Log in to the Azure Portal: https://portal.azure.com.
   

2. Navigate to Azure Database for PostgreSQL Servers.
   

3. Select the desired PostgreSQL server.
   

4. Under Settings, click on Server parameters.
   

5. Search for the connection_throttling parameter and verify that it is set to ON.
   

Using Azure CLI:
1.  Run the following command to check the connection_throttling setting:

az postgres server show --resource-group <resource-group-name> --name <server-name> --query "properties.parameters.connection_throttling"

• The output should show ON.
  

Implementation Plan:

Using Azure Portal:

1. Go to Azure Database for PostgreSQL Servers.
   

2. Select the PostgreSQL server and click on Server parameters.
   

3. Set the connection_throttling parameter to ON and save the changes.
   

Using Azure CLI:
 1. To enable connection_throttling, run the following command:

az postgres server configuration set --resource-group <resource-group-name> --server-name <server-name> --name connection_throttling --value ON

Backout Plan:

Using Azure Portal:

1. Go to Azure Database for PostgreSQL Servers.
   

2. Under Settings, click on Server parameters.
   

3. Set the connection_throttling parameter back to OFF if necessary.
   

Using Azure CLI:
1.  To disable connection_throttling, run:

az postgres server configuration set --resource-group <resource-group-name> --server-name <server-name> --name connection_throttling --value OFF

References:

• Azure PostgreSQL Server - Configure Connection Throttling