Menu

Topic-icon A sequence has been detected that could mean a hacker attack.

  • kkb2016
  • kkb2016's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
2 months 1 week ago #8616 by kkb2016
Thanks. my another query is -
there is a option for Periodicity - where there is an option for Weekly. does it mean that it will scan it once in a week and if yes then how can we define at what day and time?
also we are gettng issue where it block our IP address, we have disable the Dynamic IP Blocking then why it is blocking my or my clients ip address?

Please Log in or Create an account to join the conversation.

More
2 months 1 week ago #8617 by Jose
You're welcome!

there is a option for Periodicity - where there is an option for Weekly. does it mean that it will scan it once in a week and if yes then how can we define at what day and time?

There is no option to do that. It will be launched 7 days after the last scan.

also we are gettng issue where it block our IP address, we have disable the Dynamic IP Blocking then why it is blocking my or my clients ip address?

Maybe you have that option in other settings. For instance, you can configure the extension to add the ip to dynamic blacklist on very failed login (Waf configuration -> User session protection -> Failed login -> Actions". In that case your ip will be added to dynamic blacklist even if you set the firewall to not add ips to it (what is a bad idea as hackers will still have access to your site even if the firewall blocks their attacks).

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • kkb2016
  • kkb2016's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
2 months 1 week ago #8618 by kkb2016
so it means we should enable this Scan during the weekend - say saturday and then on sunday we change the setting to weekly so that it update during the weekend?

Please Log in or Create an account to join the conversation.

More
2 months 1 week ago #8619 by Jose
If the latest scan is 7 days old yes, it will be launched during the weekend.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • kkb2016
  • kkb2016's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
2 months 3 days ago #8658 by kkb2016
Could you please help me to find the reason of this msg and how can I sort it?
client is getting this frequently?
Error -
A sequence has been detected that could mean a hacker attack.. Your request cannot be processed.

What setting should I make so that this msg should appear less?

Please Log in or Create an account to join the conversation.

More
2 months 3 days ago #8659 by Jose
Hi kkb2016,

It depends of the rule applied (I would need to view a screenshot of scp logs), but usually there are a couple of them that could cause more false positives: the 'using integers' and 'line comments' filter (Waf configuration -> filter exceptions -> Sql Injection tab).

To avoid many of the false positives I recommend to enable the 'Easy config' feature from main panel of Securitycheck Pro. Anyway I'm working to redesign some of those filters to avoid false positives.

Regards,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.066 seconds
Powered by Kunena Forum

Login or Sign In