Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-937

PHPIDS: Add option to disable checks for authenticated admins

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.0.0
    • Fix Version/s: None
    • Component/s: Plugins
    • Labels:
      None

      Description

      Currently requests are processed for every URI and every user. There should be an option to disable processing intrusion rules on authenticated admin user requests (enabled by default of fresh installation).

      This will prevent PHPIDS from flagging false positives that are the result of an legitimate admin user's actions (the most common form of false positive).

        Activity

        cody Cody Phillips (Inactive) created issue -
        admin Paul Phillips made changes -
        Field Original Value New Value
        Security Private [ 10000 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.2.0-b2 [ 10501 ]
        Fix Version/s 3.2.0-b1 [ 10002 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.2.0-b3 [ 10503 ]
        Fix Version/s 3.2.0-b2 [ 10501 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.2.0 [ 10502 ]
        Fix Version/s 3.2.0-b3 [ 10503 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.3.0 [ 10100 ]
        Fix Version/s 3.2.0 [ 10502 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.3.0-b2 [ 10507 ]
        Fix Version/s 3.3.0-b1 [ 10100 ]
        Hide
        admin Paul Phillips added a comment -

        With this task and CORE-723 both completed, it may be possible for us to ship with PHPIDS enabled by default, with conservative enough settings to limit the risk of false positives and still catch many legitimate attacks. Having PHPIDS enabled by default would be great.

        Show
        admin Paul Phillips added a comment - With this task and CORE-723 both completed, it may be possible for us to ship with PHPIDS enabled by default, with conservative enough settings to limit the risk of false positives and still catch many legitimate attacks. Having PHPIDS enabled by default would be great.
        admin Paul Phillips made changes -
        Fix Version/s 3.4.0 [ 10400 ]
        Fix Version/s 3.3.0-b2 [ 10507 ]
        admin Paul Phillips made changes -
        Sprint 3.4.0 Sprint 2 [ 4 ]
        admin Paul Phillips made changes -
        Rank Ranked lower
        cody Cody Phillips (Inactive) made changes -
        Story Points 3
        cody Cody Phillips (Inactive) made changes -
        Sprint 3.4.0 Sprint 2 [ 4 ] 3.4.0 Sprint 3 [ 5 ]
        cody Cody Phillips (Inactive) made changes -
        Rank Ranked higher
        cody Cody Phillips (Inactive) made changes -
        Sprint 3.4.0 Sprint 3 [ 5 ] 3.4.0 Sprint 4 [ 6 ]
        cody Cody Phillips (Inactive) made changes -
        Rank Ranked higher
        cody Cody Phillips (Inactive) made changes -
        Sprint 3.4.0 Sprint 4 [ 6 ]
        cody Cody Phillips (Inactive) made changes -
        Rank Ranked higher
        admin Paul Phillips made changes -
        Fix Version/s 3.5.0 [ 10401 ]
        Fix Version/s 3.4.0-b1 [ 10400 ]
        cody Cody Phillips (Inactive) made changes -
        Fix Version/s 3.5.0 [ 10401 ]

          People

          • Assignee:
            cody Cody Phillips (Inactive)
            Reporter:
            cody Cody Phillips (Inactive)
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated: