Configurations

Java servers

Please make all modifications to <app_home>/rasp/conf/rasp.properties. Changes take effect immediately, except for the hooks.ignore item (that requires a restart).

Item	Description	Default
plugin.timeout.millis	JS plugin timeout in ms	100
body.maxbytes	JS plugin can read at most these bytes	4 x 1024 = 4KB
hooks.ignore	List of disabled hook points, comma separated	(Empty)
block.url	Redirect to this page when an attack is blocked	rasp.baidu.com
block.status_code	HTTP response code for blocked requests	302
log.maxstack	Maximum depth of application stack in alarm logs	10
security.enforce_policy	Prevent the server from starting if security baseline is violated	false
ognl.expression.minlength	Minimum length of OGNL expression for JS plugin to process	30
sql.slowquery.min_rows	SQL slow query threashold	500
debug.level	Debug output level	0

PHP servers

All items configurable in standard PHP INI entries, reload or restart PHP servers to take effect.

Item	Description	Default
openrasp.block_url	Redirect to this page when an attack is blocked	rasp.baidu.com
openrasp.block_status_code	HTTP response code for blocked requests	302
openrasp.hooks_ignore	List of disabled hook points, comma separated	(Empty)
openrasp.log_maxburst	Maximum logs per second	1000
openrasp.root_dir	OpenRASP installation path - required	(Empty)
openrasp.enforce_policy	Prevent the server from starting if security baseline is violated	Off
openrasp.slowquery_min_rows	SQL slow query threashold	500
openrasp.syslog_facility	Set syslog facility	16
openrasp.syslog_server_address	Set syslog server address	(Empty)
openrasp.syslog_alarm_enable	Whether to enable syslog feature	Off
openrasp.syslog_connection_timeout	Syslog server connection timeout (ms)	50
openrasp.syslog_read_timeout	Syslog server read timeout (ms)	10
openrasp.timeout_ms	JS plugin timeout in ms	100
openrasp.locale	Locale file to use (e.g es_ES)	(Empty)
openrasp.log_maxstack	Maximum depth of application stack in alarm logs	10