Denial of Service Attack on SSRS?

I recently upgraded our SSRS server to SQL 2014 and the upgrade went surprisingly smoothly.  Software upgrades are like painting, the more prep you do the easier the work is and there is less to fix after the deed is done.

However, there was one problem.  I have a customer that runs a utility to create monthly bills for his application.  He creates about 100K reports by looping through his accounts and calling the ReportExecution2005 endpoint.  After the upgrade to 2014 he was receiving 500 Internal Server Error randomly while executing his report process.

SSRS was logging the following error:

Microsoft.ReportingServices.Diagnostics.Utilities.ReportServerHttpRuntimeClientDisconnectionException: A client has disconnected from the Report Server Web service application domain ReportServer_MSSQLSERVER_0-5-130602669339393095. No corrective action is required. An error code has been submitted to ASP.NET to release the connection. The error code is 800708CA.

Also, the Application Log in Event Viewer was throwing Event 112 with the message:

The report server has detected a possible denial of service attack. The report server is dropping requests for service from the IP address x.x.x.x.

As it happens, there’s a setting in the RSReportServer.config file called MaxActiveReqForOneUser that is set to a default of 20.  Since my customer was attempting to use more than 20 threads SSRS was dropping his excess connections.  Easy fix though, up the MaxActiveReqForOneUser setting ad all’s well.

 

Leave a Reply

Your email address will not be published. Required fields are marked *