Details
-
Type: Improvement
-
Status: Open
-
Priority: Major
-
Resolution: Unresolved
-
Affects Version/s: 3.0.0
-
Fix Version/s: None
-
Component/s: Plugins
-
Labels:None
Description
Currently requests are processed for every URI and every user. There should be an option to disable processing intrusion rules on authenticated admin user requests (enabled by default of fresh installation).
This will prevent PHPIDS from flagging false positives that are the result of an legitimate admin user's actions (the most common form of false positive).