Skip to content

Configurations

Aaron Lewis edited this page May 8, 2018 · 13 revisions

Java servers

Please make all modifications to <app_home>/rasp/conf/rasp.properties. Changes take effect immediately, except for the hooks.ignore item (that requires a restart).

Item Description Default
plugin.timeout.millis JS plugin timeout in ms 100
body.maxbytes JS plugin can read at most these bytes 4 x 1024 = 4KB
hooks.ignore List of disabled hook points, comma separated (Empty)
block.url Redirect to this page when an attack is blocked rasp.baidu.com
block.status_code HTTP response code for blocked requests 302
log.maxstack Maximum depth of application stack in alarm logs 10
security.enforce_policy Prevent the server from starting if security baseline is violated false
ognl.expression.minlength Minimum length of OGNL expression for JS plugin to process 30
sql.slowquery.min_rows SQL slow query threashold 500
debug.level Debug output level 0

PHP servers

All items configurable in standard PHP INI entries, reload or restart PHP servers to take effect.

Item Description Default
openrasp.block_url Redirect to this page when an attack is blocked rasp.baidu.com
openrasp.block_status_code HTTP response code for blocked requests 302
openrasp.hooks_ignore List of disabled hook points, comma separated (Empty)
openrasp.log_maxburst Maximum logs per second 1000
openrasp.root_dir OpenRASP installation path - required (Empty)
openrasp.enforce_policy Prevent the server from starting when a security baseline is violated Off
openrasp.slowquery_min_rows SQL slow query threashold 500
openrasp.syslog_facility Set syslog facility 16
openrasp.syslog_server_address Set syslog server address (Empty)
openrasp.syslog_alarm_enable Whether to enable syslog feature Off
openrasp.syslog_connection_timeout Syslog server connection timeout (ms) 50
openrasp.syslog_read_timeout Syslog server read timeout (ms) 10
openrasp.timeout_ms JS plugin timeout in ms 100
openrasp.locale Locale file to use (e.g es_ES) (Empty)
openrasp.log_maxstack Maximum depth of application stack in alarm logs 10
Clone this wiki locally