No, that's the other way to solve this issue.
To overcome this while I waited for your response, I set the SQL Injection Line Comments filter to exclude the com_k2 component. Is that problematic?
Yes, I changed priorities a couple of versions ago. Someone told me it made no sense to have the blacklist as first priority and he was right. This way, if you whitelist an IP, access will be granted by default.
Btw, a while back you modified SCP to change the List priority to have Whitelist as the first priority. Is that in version 3.2? And what are the second and third priorities?
The 'Easy config' feature only disables the most conflictive firewall rules (that is, those that cause more false positives). Those rules only protect against very rare attacks and require more attention.
What priorities does Easy Config set?
Yes, it will probably break the link.
I also wonder if changing the "--" to "-" would break the link?
You're welcome! As you can see, all customer feedback is taken into consideration.
Thanks Jose, yes, that was me who questioned the List prioritization with regard to Blacklist first.
Enabling the 'Easy config' does not require any other change. All of the other settings will remain applied. In fact, you can enable this feature and after disabling it you will get the same config previously set.
So if I change to Easy Config, how best to handle the .htaccess file currently in use? Should I place a clean version and then re-protect it with SCP? And will the new config get rid of my admin URL keyword protection? Any other custom filters need to be remade?
Both are secure. I prefer adding exceptions for false positives (as you did) instead of enabling the 'Easy config', but for non-technical users, e-commerce sites or for those with no time to monitor the site, the 'Easy config' option is the one to take.
I guess the obvious question is what is different between the Easy Config method and my com_k2 filter exception? Which method is more secure?