We are developing extra rules to protect run harmful content (ex. webshell) on servers. When you enabling additional rules, it giving you a higher level of security. However, extra rules may also increase the possibility of blocking some legitimate traffic due to false alarms (also named false positives or FPs). It is likely that you will need to add some whitelist for certain applications that need to receive complex input patterns.
If in rules causing a problems, report to us that we may development them better suitable!
Front page may open in webshell’s, but command execution is blocked.
- Phoenix WebShell
- Bad User-Agents
- Bad search engine crawlers (Cause High loads)
- Bot’s (Cause DDOS & High loads)
More RBL information here.
- Bot’s crawling WordPress & Joomla logins (Cause DDOS & High loads)
More reCaptcha information here.
If you wanna use all rules, then you add extra parameter to download url like:
SecRemoteRules SERIAL https://rules.malware.expert/download.php?rules=generic&extra=webshell,scanner,rbl,recaptcha