Guard Plugin

Overview

Guard Plugin constantly monitors all user requests to the Webstation application, detects attempts to brute force attack the web application, and blocks the intruder's requests. When security events occur, they are recorded in the event archive.

Information about the plugin operation is available to users with the Administrator role. The following figures show the web interface of the plugin.

General information
Users

Activity monitoring is performed by users, IP addresses and web sessions. Blocking of violators is carried out by username, by IP address or globally for the web application. In case of a global block, users who are already logged in continue to work.

Installation

Guard Plugin is installed according to the instructions. During installation, complete the following additional step: copy the PlgGuard.xml file from the plugin distribution into your project. The file should be displayed in the project explorer under the Webstation > Configuration Files node.

Configuring

Guard Plugin is configured by editing the PlgGuard.xml file in the Administrator application. The configuration file contains the parameters described in the following table.

Parameter Default Value Description
GeneralOptions Section of general options
UserFailsPerMinute 10 Maximum number of failed login attempts allowed per minute for a specific user
TotalFailsPerMinute 100 Maximum number of failed login attempts allowed per minute for all users
BlockingDuration 1 Login blocking duration, minutes
CacheExpiration 30 Cache expiration period for violation data, minutes
EventOptions Security event recording options
ArchiveCode Events Archive code for recording events. If not specified, the default event archive is used
CnlNum 0 Channel number to which generated events belong