Possible attack detected. This action has been logged.

Discussion in 'General' started by fbarcenas, Apr 6, 2018.

  1. fbarcenas

    fbarcenas Member

    Trying to add:
    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'"; 
    into the NGINX directives. Can't seem to do it.
  2. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    No need to change anything for me.I just leave as default. Just clear the site cookies and the login is just fine afterwards.
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    You can set a higher score for the IDS system in the file /usr/local/ispconfig/security/security_settings.ini if nescessary.

Share This Page