- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2015 03:18 PM - edited 03-08-2019 02:19 AM
Hello!
Today I noticed that I'm getting the following log message from the last couple of days:
%HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(250)as specified by the platform.
Last week, I updated a couple of 4506 switches with the following IOS 15.2(2) E3 and only 2 of them are not getting the log message.
Can someone help me to troubleshoot this?
Thank you!
Solved! Go to Solution.
- Labels:
-
Other Switching
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2015 12:01 AM
Hi there,
Either disable the HTTP server function:
! no ip http server no ip http secure-server !
Or if you use the HTTP for administration purposes, apply an ACL to ensure that unwanted traffic is dropped:
! ip http access-list <ACL_number> !
cheers,
Seb.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2015 12:01 AM
Hi there,
Either disable the HTTP server function:
! no ip http server no ip http secure-server !
Or if you use the HTTP for administration purposes, apply an ACL to ensure that unwanted traffic is dropped:
! ip http access-list <ACL_number> !
cheers,
Seb.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2015 12:35 PM
Thank you! Seb

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-15-2017 08:56 AM
So mine is doing the same thing but we don't manage switches from http at all. Any idea why all of a sudden request would kick off and fill up the log? I was troubleshooting issues an hour ago and now my log has nothing but this message:
Jun 15 11:21:27 EST: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
I took your suggestion and "no" ed out those lines but is that the only thing ip http server controls?
device type: 3850 switch running denali 16.3.3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2019 06:53 AM
OK removing HTTP from the switch soles a problem, the question is what causes it? Is it a network breach?
In my case there were over 500 attempts or is it a bug?
%HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(500)as specified by the platform.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2019 06:58 AM
Is someone scanning your network with a vulnerability scanner through HTTP , raid seven and mcaffe scanner cause this on my switches all the time
Its some software doing it , check with your security team , mine were the cause for me , they do it every week , the switch has a limit and the scanners can overrun it by constantly scanning by http
My switch below being scanned
Jan 13 01:52:46.024 UTC: %HTTP-4-SERVER_CONN_RATE_EXCEED: Number of connections per minute has exceeded the maximum limit(250)as specified by the platform.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2023 06:46 AM
You are right. Thanks, Mark.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-31-2023 09:27 AM
You can use the "show ip http server connection" to see where the connections are originating
