You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you want to use a custom whitelist, then store it as /usr/local/ispconfig/security/ids.whitelist.custom
87
+
88
+
Setting: ids_warn_level
89
+
Options: 5 (number, default = 5)
90
+
Description: When the IDS score exceeds this level, a error message is logged into the system log. No message is displayed to the user.
91
+
92
+
Setting: ids_block_level
93
+
Options: 100 (number, default = 100)
94
+
Description: When the IDS score exceeds this level, a error message is shown to the user and further processing is blocked. A score of 100 will most likely never be reached.
95
+
We have choosen such a high score as default until we have more complete whitelists for this new feature.
96
+
97
+
Setting: sql_scan_enabled
98
+
Options: yes/no
99
+
Description: Enables the scan for SQL injections in the DB library.
100
+
101
+
Setting: sql_scan_action
102
+
Options: warn/block
103
+
Description: warn = write errot message to log only. Block = block user action and show error to the user.
104
+
105
+
Setting: apache_directives_scan_enabled
106
+
Options: yes/no
107
+
Description: Scan apache directives field for potentially malicious directives. This function uses the regex
108
+
list from /usr/local/ispconfig/security/apache_directives.blacklist file.
109
+
If you want to use a custom blacklist, then store it as /usr/local/ispconfig/security/apache_directives.blacklist.custom
0 commit comments