Skip to content

Update configuration.md #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jan 30, 2025
Merged

Update configuration.md #144

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions content/nap-waf/v4/configuration-guide/configuration.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -678,7 +678,6 @@ if failed logins reached a maximum threshold.
"bruteForceProtectionForAllLoginPages" : true,
"detectionCriteria" : {
"action" : "alarm",
"detectDistributedBruteForceAttack" : true,
"failedLoginAttemptsRateReached" : 100
},
"loginAttemptsFromTheSameIp" : {
Expand Down Expand Up @@ -713,11 +712,9 @@ if failed logins reached a maximum threshold.
Specifies action that is applied when the defined thresholds ( failedLoginAttemptsRateReached) is reached.
- **alarm**: The system will log the login attempt.

detectDistributedBruteForceAttack:
When enabled, the system detects distributed brute force attacks.

failedLoginAttemptsRateReached:
After configured threshold (number of failed login attempts within measurementPeriod) defined action will be applied for the next login attempt.
After configured threshold (number of failed login attempts within measurementPeriod) defined
action will be applied for the next login attempt.

loginAttemptsFromTheSameIp:
Specifies configuration for detecting brute force attacks from IP Address.
Expand All @@ -732,7 +729,8 @@ if failed logins reached a maximum threshold.
When enabled, the system counts failed login attempts from IP Address.

threshold:
After configured threshold (number of failed login attempts from IP Address) defined action will be applied for the next login attempt.
After configured threshold (number of failed login attempts from IP Address) defined
action will be applied for the next login attempt.

loginAttemptsFromTheSameUser:
Specifies configuration for detecting brute force attacks for Username.
Expand All @@ -745,7 +743,8 @@ if failed logins reached a maximum threshold.
When enabled, the system counts failed login attempts for each Username.

threshold:
After configured threshold (number of failed login attempts for each Username) defined action will be applied for the next login attempt.
After configured threshold (number of failed login attempts for each Username) defined
action will be applied for the next login attempt.

measurementPeriod:
Defines detection period (measured in seconds) for distributed brute force attacks.
Expand All @@ -760,7 +759,8 @@ if failed logins reached a maximum threshold.
Defines detection period (measured in seconds) for source-based brute force attacks.

url:
Reference to the URL used in login URL configuration (policy/login-pages). This login URL is protected by Brute Force Protection feature.
Reference to the URL used in login URL configuration (policy/login-pages).
This login URL is protected by Brute Force Protection feature.

## Custom Dimensions Log Entries

Expand Down