Increase the ids reporting score: https://www.howtoforge.com/community/threads/errors-in-ispconfig-system-log.78170/ The default score probably needs to be increased: https://git.ispconfig.org/ispconfig/ispconfig3/issues/4922
Hi, i have the same issue. what i need to change in /usr/local/ispconfig/security/security_settings.ini? I have this values : [ids] ids_anon_enabled=yes ids_anon_log_level=1 ids_anon_warn_level=5 ids_anon_block_level=20 ids_user_enabled=yes ids_user_log_level=1 ids_user_warn_level=10 ids_user_block_level=25 ids_admin_enabled=no ids_admin_log_level=1 ids_admin_warn_level=5 ids_admin_block_level=100 sql_scan_enabled=yes sql_scan_action=warn apache_directives_scan_enabled=yes nginx_directives_scan_enabled=yes Ty for your Help Regards Frederick
That depends on the exact error you get, but try ids_anon_block_level=25 and ids_user_block_level=35, and make sure you have the latest ispconfig version.
Thank you! I made this change and yes, i have the last version of isconfig. For the records my last error message in ispconfig : [INTERFACE]: PHP IDS Alert.Total impact: 5<br/> Affected tags: dt, id, lfi<br/> <br/> Variable: POST.fastcgi_php_version | Value: PHP 7.1.x:/usr/bin/php-cgi7.1:/etc/php/7.1/cgi/<br/> Impact: 5 | Tags: dt, id, lfi<br/> Description: Detects specific directory and path traversal | Tags: dt, id, lfi | ID 11<br/> <br/> Regards
That request shouldn't have been blocked, only logged. You can increase your log_level settings if you want to cut down on the logging.
