Hello, I noticed recently that my cloud servers has got increased requests for a long range of php files from same source IP. If i'm not the only one, I started to collect the page requests to a list. However, I seen that some of the requests get caught for instance by PSAD and matching signatures. I think the web_appsec_rules.xml might need an update though to decrease the amount of incoming requests. More information: https://github.com/featzor/ossec-rules
Kind regards, Fredrik -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
