Guard Plugin
Overview
Guard Plugin constantly monitors all user requests to the Webstation application, detects attempts to brute force attack the web application, and blocks the intruder's requests. When security events occur, they are recorded in the event archive.
Information about the plugin operation is available to users with the Administrator role. The following figures show the web interface of the plugin.
Activity monitoring is performed by users, IP addresses and web sessions. Blocking of violators is carried out by username, by IP address or globally for the web application. In case of a global block, users who are already logged in continue to work.
Installation
Guard Plugin is installed according to the instructions. During installation, complete the following additional step: copy the PlgGuard.xml file from the plugin distribution into your project. The file should be displayed in the project explorer under the Webstation > Configuration Files node.
Configuring
Guard Plugin is configured by editing the PlgGuard.xml file in the Administrator application. The configuration file contains the parameters described in the following table.
| Parameter | Default Value | Description |
|---|---|---|
| GeneralOptions | Section of general options | |
| UserFailsPerMinute | 10 | Maximum number of failed login attempts allowed per minute for a specific user |
| TotalFailsPerMinute | 100 | Maximum number of failed login attempts allowed per minute for all users |
| BlockingDuration | 1 | Login blocking duration, minutes |
| CacheExpiration | 30 | Cache expiration period for violation data, minutes |
| EventOptions | Security event recording options | |
| ArchiveCode | Events | Archive code for recording events. If not specified, the default event archive is used |
| CnlNum | 0 | Channel number to which generated events belong |