ASL Configuration
Introduction
ASL is configured to a secure set of defaults upon installation. Most users do not need to change these settings.
Installation
ASL Installation settings are documented on the ASL installation page, please see that page for installation configuration options.
Post Installation Configuration
You can access the ASL configuration settings by following this process:
Step 1) Log into the ASL GUI
Step 2) Click on the Configuration tab
Step 3) Select "ASL Configuration"
This will pull up all the ASL Configuration options, which are broken into classes and are documented below or links are provided to the specific documentation pages for those options.
Authentication Information
ASL Web Settings
In addition to the settings below, also, please see the ASL Web Settings page for documentation about configuring the ASL GUI itself.
ASL_DB_RETENTION
Period alert data is considered to be live before being moved into an archive table. Once this limit is reached, ASL will move the events into the database archive table.
The format for this field is an integer follow by "days" "weeks" "months" or "years". For example, if you want to archive events after 3 months, you would change this field to:
3 months
The default is 7 days. After 7 days, events are archived.
This value is ignored if ASL_DB_ARCHIVE is set to "no" below.
ASL_DB_ARCHIVE
ASL will store old data in monthly archive table if this is set to 'yes', or simply delete past retention data if it is set to 'no' once the ASL_DB_RETENTION period is reached for the data.
Data Paths
General Settings
Firewall Configuration
Please see the ASL firewall page for documentation on these settings.
Kernel configuration
ClamAV configuration
Also, see the anti virus page for important documentation about configuring the Real Time Antimalware system in ASL.
PSMON configuration
OSSEC configuration
Mod_security configuration
Please see the ASL WAF page for documentation on these settings.
PHP configuration
SSH daemon configuration
Rkhunter settings
Mod_evasive
Also, see the Mod evasive page for important documentation about configuring the DOS protection system for Apache.