[CORE-937] PHPIDS: Add option to disable checks for authenticated admins - Blesta

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 3.0.0
Fix Version/s: None
Component/s: Plugins
Labels:
None

Description

Currently requests are processed for every URI and every user. There should be an option to disable processing intrusion rules on authenticated admin user requests (enabled by default of fresh installation).

This will prevent PHPIDS from flagging false positives that are the result of an legitimate admin user's actions (the most common form of false positive).

Activity

Descending order - Click to sort in ascending order

Cody Phillips (Inactive) made changes - 06/Jan/15 11:32 AM

Fix Version/s

3.5.0 [ 10401 ]

Paul Phillips made changes - 12/Dec/14 2:21 PM

Fix Version/s		3.5.0 [ 10401 ]
Fix Version/s	3.4.0-b1 [ 10400 ]

Cody Phillips (Inactive) made changes - 02/Dec/14 6:59 PM

Rank

Ranked higher

Cody Phillips (Inactive) made changes - 02/Dec/14 6:59 PM

Sprint

3.4.0 Sprint 4 [ 6 ]

Cody Phillips (Inactive) made changes - 02/Dec/14 6:58 PM

Rank

Ranked higher

Cody Phillips (Inactive) made changes - 02/Dec/14 6:58 PM

Sprint

3.4.0 Sprint 3 [ 5 ]

3.4.0 Sprint 4 [ 6 ]

Cody Phillips (Inactive) made changes - 31/Oct/14 4:53 PM

Rank

Ranked higher

Cody Phillips (Inactive) made changes - 31/Oct/14 4:53 PM

Sprint

3.4.0 Sprint 2 [ 4 ]

3.4.0 Sprint 3 [ 5 ]

Cody Phillips (Inactive) made changes - 06/Oct/14 2:53 PM

Story Points

Paul Phillips made changes - 06/Oct/14 2:18 PM

Rank

Ranked lower

Paul Phillips made changes - 06/Oct/14 2:18 PM

Sprint

3.4.0 Sprint 2 [ 4 ]

Paul Phillips made changes - 08/Sep/14 6:26 PM

Fix Version/s		3.4.0 [ 10400 ]
Fix Version/s	3.3.0-b2 [ 10507 ]

Hide

Permalink

Paul Phillips added a comment - 08/Sep/14 6:26 PM

With this task and CORE-723 both completed, it may be possible for us to ship with PHPIDS enabled by default, with conservative enough settings to limit the risk of false positives and still catch many legitimate attacks. Having PHPIDS enabled by default would be great.

Show

Paul Phillips added a comment - 08/Sep/14 6:26 PM With this task and CORE-723 both completed, it may be possible for us to ship with PHPIDS enabled by default, with conservative enough settings to limit the risk of false positives and still catch many legitimate attacks. Having PHPIDS enabled by default would be great.

Paul Phillips made changes - 27/Aug/14 4:52 PM

Fix Version/s		3.3.0-b2 [ 10507 ]
Fix Version/s	3.3.0-b1 [ 10100 ]

Paul Phillips made changes - 14/May/14 1:11 PM

Fix Version/s		3.3.0 [ 10100 ]
Fix Version/s	3.2.0 [ 10502 ]

Paul Phillips made changes - 09/May/14 2:14 PM

Fix Version/s		3.2.0 [ 10502 ]
Fix Version/s	3.2.0-b3 [ 10503 ]

Paul Phillips made changes - 02/May/14 6:38 PM

Fix Version/s		3.2.0-b3 [ 10503 ]
Fix Version/s	3.2.0-b2 [ 10501 ]

Paul Phillips made changes - 23/Apr/14 5:04 PM

Fix Version/s		3.2.0-b2 [ 10501 ]
Fix Version/s	3.2.0-b1 [ 10002 ]

Paul Phillips made changes - 09/Feb/14 4:05 PM

Field	Original Value	New Value
Security	Private [ 10000 ]

Cody Phillips (Inactive) created issue - 17/Dec/13 12:56 PM

People

Assignee:

Cody Phillips (Inactive)

Reporter:

Cody Phillips (Inactive)

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

17/Dec/13 12:56 PM

Updated:

06/Jan/15 11:32 AM

Agile

View on Board