— 이강우 2022/01/26 12:15
본 내용은 JBoss EAP 7 설치 후 일반적인 튜닝값을 적용하기 위한 스크립트이다.
JBoss EAP 7.4 버전에서 테스트 되었으며 JBoss EAP 7 이외의 버전에서는 동작을 보장하지 않는다.
/subsystem=undertow/server=default-server/http-listener=default:read-resource(include-defaults=true,include-runtime=true)
##### default thread pool /subsystem=io/worker=default/:write-attribute(name=task-core-threads,value=256) /subsystem=io/worker=default/:write-attribute(name=task-max-threads,value=512) /subsystem=io/worker=default/:write-attribute(name=io-threads,value=128) ##### Session Timeout /subsystem=undertow/servlet-container=default:write-attribute(name=default-session-timeout, value=60) ##### header 설정 /subsystem=undertow/configuration=filter/response-header=server-header:remove /subsystem=undertow/configuration=filter/response-header=x-powered-by-header:remove /subsystem=undertow/configuration=filter/response-header=server-header:add(header-name="Server",header-value="JBoss-EAP/7") /subsystem=undertow/configuration=filter/response-header=x-powered-by-header:add(header-name="X-Powered-By",header-value="Undertow/1") ##### For X-Powered-By: JSP/2.3 response header /subsystem=undertow/servlet-container=default/setting=jsp:write-attribute(name=x-powered-by,value=false) ##### welcome-content 제거 /subsystem=undertow/server=default-server/host=default-host/location=\/:remove /subsystem=undertow/configuration=handler/file=welcome-content:remove ##### http listener 예제, AJP 또는 HTTPS의 경우 별도의 리스너에 설정해줘야 함. ##### max-post-size 10485760 = 10MB /subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=max-post-size,value=10485760L) /subsystem=undertow/server=default-server/ajp-listener=ajp:write-attribute(name=max-post-size,value=10485760L) ##### max-header-size 1048576 = 1MB /subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=max-header-size,value=1048576) ##### max-headers /subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=max-headers,value=200) ##### max-parameters /subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=max-parameters,value=1000) ##### JBoss CRS security /subsystem=undertow/configuration=filter/response-header=x-frame-options:add(header-name="X-Frame-Options",header-value="SAMEORIGIN") /subsystem=undertow/configuration=filter/response-header=x-xss-protection:add(header-name="X-XSS-Protection",header-value="1; mode=block") /subsystem=undertow/configuration=filter/response-header=x-content-type-options:add(header-name="X-Content-Type-Options",header-value="nosniff") ###/subsystem=undertow/configuration=filter/response-header=content-security-policy:add(header-name="Content-Security-Policy",header-value="default-src https:") /subsystem=undertow/configuration=filter/response-header=content-security-policy:add(header-name="Content-Security-Policy-Report-Only",header-value="policy") /subsystem=undertow/configuration=filter/response-header=strict-transport-security:add(header-name="Strict-Transport-Security",header-value="max-age=31536000; includeSubDomains;") /subsystem=undertow/server=default-server/host=default-host/filter-ref=x-frame-options:add() /subsystem=undertow/server=default-server/host=default-host/filter-ref=x-xss-protection:add() /subsystem=undertow/server=default-server/host=default-host/filter-ref=x-content-type-options:add() /subsystem=undertow/server=default-server/host=default-host/filter-ref=content-security-policy:add() /subsystem=undertow/server=default-server/host=default-host/filter-ref=strict-transport-security:add()