From b31c9d7bb641db612beb3bad4fc59d7c7489f1ae Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Mon, 25 Aug 2014 11:16:50 -0400
Subject: [PATCH] Merge branch 'stable-3.0.5' of git.ispconfig.org:ispconfig/ispconfig3 into stable-3.0.5

---
 security/README.txt |   39 +++++++++++++++++++++++++++++++++++++++
 1 files changed, 39 insertions(+), 0 deletions(-)

diff --git a/security/README.txt b/security/README.txt
index c732312..b68f647 100644
--- a/security/README.txt
+++ b/security/README.txt
@@ -69,6 +69,45 @@
 Options:     yes/no
 Description: Disables the remote API
 
+Setting:     ids_enabled
+Options:     yes/no
+Description: Enables the Intrusion Detection System
+
+Setting:     ids_log_level
+Options:     1 (number, default = 1)
+Description: IDS score that triggers the log in /usr/local/ispconfig/interface/temp/ids.log
+             This log can be used to feed the whitelist. 
+			 
+			 Example:
+			 
+			 cat /usr/local/ispconfig/interface/temp/ids.log >> /usr/local/ispconfig/security/ids.whitelist
+			 rm -f /usr/local/ispconfig/interface/temp/ids.log
+			 
+			 If you want to use a custom whitelist, then store it as /usr/local/ispconfig/security/ids.whitelist.custom
+
+Setting:     ids_warn_level
+Options:     5 (number, default = 5)
+Description: When the IDS score exceeds this level, a error message is logged into the system log. No message is displayed to the user.
+
+Setting:     ids_block_level
+Options:     100 (number, default = 100)
+Description: When the IDS score exceeds this level, a error message is shown to the user and further processing is blocked. A score of 100 will most likely never be reached. 
+             We have choosen such a high score as default until we have more complete whitelists for this new feature.
+
+Setting:     sql_scan_enabled
+Options:     yes/no
+Description: Enables the scan for SQL injections in the DB library.
+
+Setting:     sql_scan_action
+Options:     warn/block
+Description: warn = write errot message to log only. Block = block user action and show error to the user.
+
+Setting:     apache_directives_scan_enabled
+Options:     yes/no
+Description: Scan apache directives field for potentially malicious directives. This function uses the regex
+             list from /usr/local/ispconfig/security/apache_directives.blacklist file.
+			 If you want to use a custom blacklist, then store it as /usr/local/ispconfig/security/apache_directives.blacklist.custom
+
 Setting:     security_admin_email
 Options:     email address
 Description: Email address of the security admin

--
Gitblit v1.9.1