Response Processors: Application Vulnerability Processor
The application vulnerability processor is designed to block known attack vectors for select third party applications. By default this processor does nothing. If you host a third party application such as WordPress, you should enable the configuration parameters that represent the third party software you are using. This will enable protection for that software component.
Table 1: Application Vulnerability Processor Configuration Parameters
Parameter | Type | Default Value | Description |
---|---|---|---|
Basic | |||
Joomla Vulnerability Protection Enabled | Boolean | False | Whether traffic should be analyzed for Joomla vulnerabilities |
PHPBB Vulnerability Protection Enabled | Boolean | False | Whether traffic should be analyzed for PHPBB vulnerabilities |
Wordpress Vulnerability Protection Enabled | Boolean | False | Whether traffic should be analyzed for Wordpress vulnerabilities |
Advanced | |||
Mode of Operation | Integer | 1 | Whether to block a request on a positive signature, or just create an incident |
Block Response | HTTP Response | 404 Error | The default message to use in the warning dialog. This can be defined on a session by session basis, but if no explicit value is assigned to the warning, this value will be used. |