Skip to main content

Configure server settings

Server settings let you configure how a server functions in each environment (development, test, and production).


  1. Select Servers in the header.

  2. Find the server you want to modify using either of these methods:

    • Select the Filter icon (icon-filter.svg) at the top of the Server column.

    • Use the magnifying glass (icon-search.svg) to search.

  3. Go to Server settings using either of these methods:

    • Hover over the end of the server's row and select the Settings icon (icon-settings.svg).

    • Select the name of the server and then, select the Settings icon (icon-settings.svg) at the top of the list.

  4. Modify the settings, as needed:

    • Modify the server name.

    • Designate the environment in which the server will be running: Development, QA (test), or Production.

    • In the Server log file, override the existing server log file path by entering the preferred path.


      Server log files are restricted to file types of LOG or TXT only.

    • Set the log level for the server.

    • Set bot blocking.

      Bot blocking blocks traffic from scrapers, attack tools, and other unwanted automation.

      To view blocked bot activity, under Attacks > Attack Events, use the filter options.

      Supported languages: Java, .NET Framework, .NET Core, Ruby, and Python.


      You can configure bot blocking in the YAML files for Java, .NET Framework, .NET Core, Ruby, and Python.

    • Select Enable sampling for higher performance.

      This setting is available when Assess is enabled.

      With sampling, Contrast selectively analyzes requests to avoid repeat analysis:

      1. If Contrast sees the same URL being called multiple times, it analyzes the URL based on the the number of times specified in the Baseline setting.

      2. Afterwards, if Contrast continues to see the same URL, it only checks it based on the Frequency setting.

      3. Contrast retains samples for the number of seconds specified for the Window setting. After the time specified for the Window setting elapses, Contrast analyzes the URL again, according to the Baseline setting..

      Configure the following settings:

      • Baseline: The number of times that Contrast analyzes URLs to complete sampling. The default setting is 5.

      • Frequency: The number of times that Contrast analyzes URLs after the baseline is achieved. The default setting is 10.

      • Window: The number of seconds that Contrast retains samples before reverting to the baseline. The default setting is 180.

      For example:

      contrast.assess.sampling.request_frequency	25
      contrast.assess.sampling.window_ms	360_000
      contrast.assess.sampling.baseline	1
    • Select Enable output of Protect events to syslog.

      This setting is available when Protect is enabled.

      Select the syslog message severity levels that the server outputs to syslog. Contrast offers syslog message categories according to the syslog RFC 3164 specification for severity.