wordpress + all-in-one-seo-pack with memory settings causes IDS event
Forum
  1. Forums
  2. Imunify360
  3. Imunify360 and Imunify Sensor
  1. Gediminas
  2. Tuesday, 31 January 2017
  3.  Subscribe via email
I found a false positive incident case. Its on wordpress having all-in-one-seo-pack installed, with extra memory settled from plugin inteface. After incident caused - user cant access website. But the case is, that plugin was set so.

Jan 31 18:01:33 mano suhosin[140600]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker '213.197.xxx.xxx', file '/home/xxx/public_html/wp-content/plugins/all-in-one-seo-pack/all_in_one_seo_pack.php', line 188)
Rate this post:
  1. 01.02.2017 09:02:44
  2. # 1
Posts: 187
Joined: 31.01.2017
0
Votes
Undo
This error is triggered by ossec rule in Imunify360 IDS. We are going to add possibility to deactivate single ossec rule in one of the following releases. You can track it by looking for DEF-579 tag in Imunify360 new version notification blog posts.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.