Response Processors: Application Vulnerability Processor

The application vulnerability processor is designed to block known attack vectors for select third party applications. By default this processor does nothing. If you host a third party application such as WordPress, you should enable the configuration parameters that represent the third party software you are using. This will enable protection for that software component.

Table 38: Application Vulnerability Processor Configuration Parameters

Parameter

Type

Default Value

Description

Basic

Joomla Vulnerability Protection Enabled

Boolean

False

Whether traffic should be analyzed for Joomla vulnerabilities

PHPBB Vulnerability Protection Enabled

Boolean

False

Whether traffic should be analyzed for PHPBB vulnerabilities

Wordpress Vulnerability Protection Enabled

Boolean

False

Whether traffic should be analyzed for Wordpress vulnerabilities

Advanced

Mode of Operation

Integer

1

Whether to block a request on a positive signature, or just create an incident

Block Response

HTTP Response

404 Error

The default message to use in the warning dialog. This can be defined on a session by session basis, but if no explicit value is assigned to the warning, this value will be used.