<security>
  <dynamicIpSecurity enableLoggingOnlyMode="false" enableProxyMode="true">
    <denyByConcurrentRequests enabled="true" maxConcurrentRequests="10" />
    <denyByRequestRate enabled="true" maxRequests="30" requestIntervalInMilliseconds="500" />
  </dynamicIpSecurity>
  <ipSecurity enableProxyMode="true" allowUnlisted="false" >
    <add allowed="true" ipAddress="1.2.3.4" subnetMask="255.255.255.255" />
  </ipSecurity>
  <requestFiltering>
    <requestLimits maxAllowedContentLength="524288000" />
  </requestFiltering>
</security>

The WebApp consists of ASP.NET 4.8. With this definition, if requests were submitted at the same time, more than 10 requests per 403 were expected to be rejected.

I would appreciate your support.

CodePudding user response：

• I have created a app service with DynamicIpAddress by following below steps

• Goto Advanced tools -> click on Go

• Goto Site Extensions

• Goto Gallery and Search for Dynamic and click on search -> click on and click on ok

• Set the values ​​as below and click update settings

• restart the application service, after updating the settings

• Set the user and time according to the settings you updated in the app service

• Copy the App link and open JMeter using the link below

• I have passed 35 users only 30 users had entered the page we can adjust the number according to our needs.