-
Notifications
You must be signed in to change notification settings - Fork 602
Configurations
Aaron Lewis edited this page May 8, 2018
·
13 revisions
Please make all modifications to <app_home>/rasp/conf/rasp.properties
. Changes take effect immediately, except for the hooks.ignore
item (that requires a restart).
Item | Description | Default |
---|---|---|
plugin.timeout.millis | JS plugin timeout in ms | 100 |
body.maxbytes | JS plugin can read at most these bytes | 4 x 1024 = 4KB |
hooks.ignore | List of disabled hook points, comma separated | (Empty) |
block.url | Redirect to this page when an attack is blocked | rasp.baidu.com |
block.status_code | HTTP response code for blocked requests | 302 |
log.maxstack | Maximum depth of application stack in alarm logs | 10 |
security.enforce_policy | Prevent the server from starting if security baseline is violated | false |
ognl.expression.minlength | Minimum length of OGNL expression for JS plugin to process | 30 |
sql.slowquery.min_rows | SQL slow query threashold | 500 |
debug.level | Debug output level | 0 |
All items configurable in standard PHP INI entries, reload or restart PHP servers to take effect.
Item | Description | Default |
---|---|---|
openrasp.block_url | Redirect to this page when an attack is blocked | rasp.baidu.com |
openrasp.block_status_code | HTTP response code for blocked requests | 302 |
openrasp.hooks_ignore | List of disabled hook points, comma separated | (Empty) |
openrasp.log_maxburst | Maximum logs per second | 1000 |
openrasp.root_dir | OpenRASP installation path - required | (Empty) |
openrasp.enforce_policy | Prevent the server from starting when a security baseline is violated | Off |
openrasp.slowquery_min_rows | SQL slow query threashold | 500 |
openrasp.syslog_facility | Set syslog facility | 16 |
openrasp.syslog_server_address | Set syslog server address | (Empty) |
openrasp.syslog_alarm_enable | Whether to enable syslog feature | Off |
openrasp.syslog_connection_timeout | Syslog server connection timeout (ms) | 50 |
openrasp.syslog_read_timeout | Syslog server read timeout (ms) | 10 |
openrasp.timeout_ms | JS plugin timeout in ms | 100 |
openrasp.locale | Locale file to use (e.g es_ES) | (Empty) |
openrasp.log_maxstack | Maximum depth of application stack in alarm logs | 10 |