Advanced Global Settings
Operational Settings |
Reporting Settings |
Error Handling |
Bot Policy |
Certain SDVP settings must always be configured globally, rather than on a per-site or per-profile basis. The Global Settings dialog contains these settings. It can be launched from the Configure menu of the Settings Manager, as well as from any one of several Configure buttons located on the relevant tabs.
The Operational Settings tab contains four controls:
- The Session Cleanup interval is a housekeeping setting and should not be changed unless recommended to do so by Port80 Software support.
- The Enforcement Grace Period is normally set when using the Configuration Wizard in Expert Mode to change into LOG ONLY mode.
- The SDCookie Name is a read-only field provided for informational purposes only. It is subject to periodic change without user intervention.
- The Client IP Policy provides two options for logging (and potentially blocking) client IPs:
- By default, the actual connection IP from TCP will always be used.
- You may instead elect to use the IP address contained in the X-Forwarded-For HTTP header, when present. Depending on the configuration of your load balancer or reverse proxy server, this method may be required to prevent inadvertent blocking of all requests.
The Reporting Settings tab contains three controls:
- The Update Site Status interval controls how often the statistics on the Site Status tab are auto-refreshed.
- The Summary Report URL and Site Report URL fields allow the relative URLs for these Web-based Reports to be changed.
The Error Handling tab controls both the Response Code and the Reason Phrase that are returned with errors raised by SDVP.
The Bot Policy tab controls the criteria used by SDVP to identify a pattern of requests as coming from an unwelcome and/or malicious bot (automated user-agent). These criteria are explicitly designed not to match (and therefore to permit) friendly bots such as legitimate search engine crawlers.
A check in the box labeled Enforce Bot Detection means that SDVP will block the IP addresses of those users it identifies as unwelcome bots. The other controls on this tab all represent criteria used in the identification of such bots. In all cases, the lower the number used, the more restrictive the application of the criterion:
- The first field specifies the number of requests that must be received from a given IP address before any other bot detection criteria will begin to be applied to that IP.
- The second field specifies the maximum number of errors that a legitimate user may accumulate per second. An error rate in excess of this will cause the user to be classified as an unwelcome bot.
- The third field specifies the percentage of requests that are allowed not to have an HTTP Referer header. Unwelcome bots will often not send such headers.
- The fourth field specifies the percentage of error-generating requests that are allowed not to have an HTTP Referer header. This number can generally be kept considerably lower than the previous one, without incurring excessive false positive risk.
- The last field (under User-Agent Settings) specifies the maximum number of requests allowed from any user-agent on the User-Agent Blacklist. To view and optionally add to or edit this list, click the Blacklist button.
The SMTP Settings tab is used to configure the SMTP server that is required for both Alerting (when the E-Mail Alert Method is chosen) and the E-mail version of the Daily Reports.