Mute Screamer
-
Hi there,
Am trying to configure mutescreamer to block intrusion attacks without blocking perfectly normal queries.
So far the following are part of the exception:
REQUEST.comment
POST.comment
REQUEST.permalink_structure
POST.permalink_structure
REQUEST.selection
POST.selection
REQUEST.content
POST.content
REQUEST.__utmz
COOKIE.__utmz
REQUEST.s_pers
COOKIE.s_pers
REQUEST.user_pass
POST.user_pass
REQUEST.pass1
POST.pass1
REQUEST.pass2
POST.pass2
REQUEST.password
POST.password
POST.description
REQUEST.verify_sign
REQUEST.id
REQUEST.action_object_mapThe bottom ones hae been added, as MuteScreamer picked these up, even though they were just ‘intrusions’ coming from harmless activities carried out by our IP addresses on our website
The question I have is by adding these to the exceptions, are we reducing the impact of Mute Screamer in picking up genuine attacks?
I can see a lot of intrusions that are logged in the system, and it is not easy to know if they are genuine attacks or harmless browsing.
Kind regards
- The topic ‘Mute Screamer’ is closed to new replies.