#6004 - Change security risk percentage to risk score + other improvements

By PDStig
Added 11th Oct 2024, 11:39 PM
9 views

Identifier	#6004
Issue type	Feature request or suggestion
Title	Change security risk percentage to risk score + other improvements
Status	Completed
Tags	Roadmap: v11 (custom)
Handling member	PDStig
Version	11 beta3
Addon	securitylogging
Description	This hotfix applies the following changes: * Change risk percentages in security logging / hackattack table to risk score; divide all current percentages by 10 to convert to scores (done when the module is upgraded) * Do not divide the sum of risk scores by 100 anymore when comparing to the threshold of banning; compare as-is * Hack-attack ban threshold renamed to Hack-attack risk score ban threshold (the actual internal name is the same); multiply current value by 10 when the security module is upgraded since we are no longer dividing the sum of scores by 100 when comparing against this value * advanced_banning.xml now defines all hack-attack codenames with some default risk scores based on severity. That way, users can easily configure them as they desire. * admin_lookup now shows the total risk score of each IP address listed for quick glancing at how close an IP is to getting auto-banned (or just general security assessment) * Security logging page lists security incidents first, failed logins second, as hack attacks are usually a more severe issue and demand more immediate attention. * Tables on security logging limited to 25 records per page opposed to previous 50 * Security logging page now lists all security incidences with at least a 1 risk score (it is implied based on wording in text that a user should be able to see all of them, not just ones that were, for example, >= 80. * Security incidents table can now be sorted by risk score. This is pretty important to be able to see the most critical issues first; not sure why this wasn't done before. * A small bug was fixed on the admin_lookup page where ipv6 lookups would have the title "by username" instead of "by IP address"... and there was a missing title case for e-mail addresses.
Steps to reproduce
Funded?	No
Commits	Implemented MANTIS-6004 (Change security risk percentage to risk score + other improvements) (cefe58f0) · Commits · Composr ecosystem / Composr · GitLab

The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".

Rating

Unrated

Comments

By Guest posted 11th Oct 2024, 11:40 PM

A hotfix (a TAR of files to upload) has been uploaded to this issue. Only apply this hotfix if you absolutely need it and cannot wait until the next release of Composr (releases are more reliable and strictly tested). As of Composr version 11, the recommended way to apply a hotfix is by following the same steps as an upgrade (https://baseurl/upgrader.php, use the hotfix on the step “Transfer across new/updated files”). The upgrader will automatically skip files belonging to addons you do not have installed or that are newer on disk than in the hotfix. Otherwise, you can manually extract and replace these files (do not replace if your on-disk file is newer than the one in the hotfix). Always take backups of your site or at least files you are replacing before applying a hotfix. Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/).

#6004 - Change security risk percentage to risk score + other improvements

Rating

Comments

Statistics