Skip to content
Snippets Groups Projects

QFQ encrypt/decrypt WIP: created new class for encryption and decryption of...

Merged QFQ encrypt/decrypt WIP: created new class for encryption and decryption of...
B4018typeaheadLongParameterAttackDetected into develop
Merged Carsten Rose requested to merge B4018typeaheadLongParameterAttackDetected into develop
Compare
and
7 files
+ 33
34
Compare changes
  • Side-by-side
  • Inline
Files
7
Documentation/Installation.rst
+ 3
3
@@ -586,10 +586,10 @@ Extension Manager: QFQ Configuration
+-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| securityVarsHoneypot | email,username,password | If empty: no check. All named variables will rendered as INPUT elements. |
+-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| securityAttackDelay | 5 | If an attack is detected, sleep 'x' seconds and exit PHP process. '-1' |
| | | Reports the attack and returns normally - use this with care. |
| securityAttackDelay | 5 | If an attack is detected: a) clear SIP Store b) wait number of seconds, c) |
| | | quit PHP process. -1: Switch off attack detection. |
+-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| securityShowMessage | true | If an attack is detected, show a message. |
| securityShowMessage | on/off | on: If an attack is detected, show a message. |
+-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| securityGetMaxLength | 50 | GET vars longer than 'x' chars triggers an `attack-recognized`. |
| | | :ref:`ExceptionMaxLength`. |