Home Forums WordPress Plugins Hide My WP Mega main menu

This topic is: not resolved
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • January 21, 2016 at 1:32 pm #7477
    nicholast10
    Post count: 1

    Hi,

    I am using HMWP and mega main menu plug in with a theme.

    In order to use the megamain menu to its potential, its developers asked me to change the settings of my server specified small value “max_input_vars”. We increased the PHP-option of “max_input_vars” to 2000 instead of 1000.

    When we did that, i am now getting alert emails from HMWP telling me:

    The following potential attack has been detected by HMWP IDS

    . If it’s you please Exclude that parameter or increase Notify Threshold from IDS settings.
    In most cases you don’t need to do anything. Hide My WP protects you!

    IP: xxx.xxx.34.1
    User ID:
    Date: 2016-01-21T11:53:10+00:00
    Total Impact: 202
    Affected tags: xss csrf dt id lfi rfe sqli

    I went to the IDS Firewall settings tab and put it to “0” to disable it. Is it the solution, or should i increase the value to 300 for example.

    thank you

    January 21, 2016 at 1:43 pm #7478
    Suman M.
    Post count: 12480

    Hi, apart from the alerts is any of the site functionality being affected? If site is working fine then simply ignore the alert. You can set “notify threshold” to 0 to stop receiving emails regarding Intrusions.

    January 21, 2016 at 1:50 pm #7479
    nicholast10
    Post count: 1

    Hi. No other functionalities seem ok. But is the increase in the max_input_vars which caused the alert to be raised? or is it another problem and it was just a coincidence? thank you.

    January 22, 2016 at 1:43 am #7490
    Suman M.
    Post count: 12480

    Increase in max_input_vars should not be the issue.
    HMWP IDS detects malicious requests coming to your site and notify you about it. But all these requests might not be harmful and you need not worry as HMWP IDS will take care of this and will block the malicious requests if Impact level is more than 20 (default value specified in HMWP IDS).
    As I mentioned earlier, you can stop receiving emails regarding this by setting “Notification Threshold” option to 0 in IDS Firewall tab.

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.