Menu

Topic-icon A sequence has been detected that could mean a hacker attack.

  • kkb2016
  • kkb2016's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
2 months 3 days ago #8669 by kkb2016
Hi Mate,

here is the Log I export from SCP. do let me know if this works for you to review?

docs.google.com/spreadsheets/d/1f6DCTijM...cNM/edit?usp=sharing

 

Please Log in or Create an account to join the conversation.

More
2 months 3 days ago - 2 months 3 days ago #8670 by Jose
In your case you have many attempts against ajax from users like Heavymetal or Cryptoph. Are they legitimate users? If so add com_ajax as exception into the XSS filter (Waf configuration -> Filter exceptions -> XSS tab).

Regards,
Jose
Last edit: 2 months 3 days ago by Jose.

Please Log in or Create an account to join the conversation.

  • kkb2016
  • kkb2016's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
1 month 1 week ago #8707 by kkb2016
Dear Support,
as you suggested below ----
===============
- Check the task to be launched by the cron ( Configuration -> Cron configuration). Be sure that there is a single task (permissions or integrity) in the "Scheduled task(s)" field. I always recommend to set this value to "only check integrity", as we will be alerted if any single character if changed in any file.
- If you do set the cron enabled to launch a file integrity scan, then you can do several things to reduce the amount of resources needed by the scan. Just go to Global configuration -> Tuning tab and set the "Scan only executable files" to "Yes". Also from File integrity tab set the "Include exceptions into database field" to "No".
===============
--- What if we enable the cron again and set to weekly with the below settings ( will it only scan the latest updated files only? ) -
- Configuration -> Cron configuration - set this value to "only check integrity"
- Global configuration -> Tuning tab - set the "Scan only executable files" to "Yes". '
- File integrity tab set the "Include exceptions into database field" to "No"

Please Log in or Create an account to join the conversation.

More
1 month 1 week ago #8708 by Jose
Hi kkb2016,

Yes, try that. With those settings you will be notified of new/modified files once per week reducing the amount of resources.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • kkb2016
  • kkb2016's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
1 month 12 hours ago #8722 by kkb2016
Dear Support,
Can we do manually scan from the security check pro extension instead of doing it via cron automatically?

Please Log in or Create an account to join the conversation.

More
1 month 11 hours ago #8723 by Jose
Yes, of course. Just disable the cron and go to the scan screen; there you will see a 'start' button.

Regards,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.071 seconds
Powered by Kunena Forum

Login or Sign In