If you want to use a custom whitelist, then store it as /usr/local/ispconfig/security/ids.whitelist.custom
Setting: ids_warn_level
Options: 5 (number, default = 5)
Description: When the IDS score exceeds this level, a error message is logged into the system log. No message is displayed to the user.
Setting: ids_block_level
Options: 100 (number, default = 100)
Description: When the IDS score exceeds this level, a error message is shown to the user and further processing is blocked. A score of 100 will most likely never be reached.
We have choosen such a high score as default until we have more complete whitelists for this new feature.
Setting: sql_scan_enabled
Options: yes/no
Description: Enables the scan for SQL injections in the DB library.
Setting: sql_scan_action
Options: warn/block
Description: warn = write errot message to log only. Block = block user action and show error to the user.
Setting: apache_directives_scan_enabled
Options: yes/no
Description: Scan apache directives field for potentially malicious directives. This function uses the regex
list from /usr/local/ispconfig/security/apache_directives.blacklist file.
If you want to use a custom blacklist, then store it as /usr/local/ispconfig/security/apache_directives.blacklist.custom
