File integrity

  • Hash algorithm

Hash algorithm used to calculate file's hash. By default it's stablished as SHA1.

  • Files/Folder exceptions; comma separated values

Put here file/folders exceptions to file permissions checking. For example, if you have a folder where users upload files, you can set it as a exception.

  • Recursive folder exceptions

If this option is enabled, all files included in a folder exception will be also exceptions. For example, if the set /var/www/cli as an exceptions, all files included in this directory will appear as exceptions. By default it's stablished to No because of performance.

  • Include exceptions in database

If this option is enabled, all exceptions will be stored in database. This is more secure but more heavy. If you have a large site and all your files under your strict control, you can disable this option.

  • Look for malware

Look for malware patterns on each file with wrong integrity.

  • Move to quarantine If it's enabled, new/modified suspicious files rated as High will be moved to the quarantine folder. This is really useful, for example, if our site has been cleaned after an infection. If there are remaining threats or the server is infected, then new threats will be moved to quarantine to prevent a new infection.

    This option MAY BREAK YOUR SITE; use it WITH CAUTION.

  • Send email if integrity is wrong

If cron task of File Integrity finds new/modified files, it will send us an email alerting about this. It will use to, From (email) and From (name) parameters stablished at WAF Configuration --> Email notifications.

  • Email's subject

Subject of the email which will be send if File Integrity is wrong. If empty, it will use the value set in WAF Configuration --> Email notifications