
Set server defaults at an organization level

Server settings provide default configurations to new servers (and their agents) that you add to Contrast. You can customize these configurations and set specific defaults for each environment.

Before you begin

  • An Organization Administrator role is required.

Steps

  1. Under organization settings, select Servers.

  2. Use the dropdown to choose the environment in which you want to apply the default (development, test or production). Check the box next to Set as default environment if you want to specify a default environment for future server configuration.

  3. Use the dropdown to choose the Log Level. The default log level selection is ERROR.

  4. Under Automatic server cleanup, enter the length of time that you would like servers to be offline before they are automatically cleaned up. The default value is 30 days.

    A background task runs every five minutes to check if there is an organization with automatic server cleanup enabled.

    If there are one or more servers with no activity received within the configured time frame, Contrast disables the servers automatically. They are no longer visible under Servers in the Contrast web interface.

    Contrast keeps information on vulnerabilities and attacks related to these servers even after they're disabled. Protect licenses from disabled servers return to the pool of licenses.

  5. Under Assess, specify these settings:

    1. Select which stacktraces should be captured (all, some or none).

    2. To optimize analysis performance, select Enable sampling for higher performance.

      • If Contrast sees the same URL being called multiple times, it analyzes the URL based on the number of times specified in the Baseline setting.

      • Afterwards, if Contrast continues to see the same URL, it only checks it based on the Frequency setting.

      • Contrast retains samples for the number of seconds specified for the Window setting. After the time specified for the Window setting elapses, Contrast analyzes the URL again, according to the Baseline setting.

      Configure these settings:

      • Baseline: The number of times that Contrast analyzes URLs to complete sampling. The default setting is 5.

      • Frequency: The number of times that Contrast analyzes URLs after the Baseline is achieved. The default setting is 10.

      • Window: The number of seconds that Contrast retains samples before reverting to the Baseline. The default setting is 180.

  6. Under Protect, specify these settings:

    1. To enable Protect, turn on the Protect toggle.

      Important

      Turning Protect on selects the setting to apply Protect licenses to new servers automatically.

      Administrators receive emails each time a server is licensed. As servers go up and down frequently, you may want to set up an email filter for any unwanted traffic.

      In this section, the license bar shows the number of purchased Protect licenses in use. If you are using more licenses than you purchased, the license bar also shows the number of additional licenses in use.

    2. To turn on bot blocking, select Enable bot blocking.

      Bot blocking blocks traffic from scrapers, attack tools and other unwanted automation.

      To view blocked bot activity, under Attacks > Attack Events, use the Automated filter option.

      Note

      You can configure bot blocking in the YAML files for Java, .NET Framework, .NET Core, Ruby, and Python.

    3. To send Protect events to syslog, select Enable output of Protect events to syslog.

      Configure these settings:

      • Enter the IP Address and Port in the given fields. Use the dropdown to choose the Facility.

      • Click on the event severity badges, and use the dropdown to choose a message Severity level for each one. The defaults are:

        • 1 - Alert for Exploited

        • 4 - Warning for Blocked

        • 5 - Notice for Probe

  7. To retain library details, turn on the Retain Library Data toggle. When enabled, Contrast retains library details for the last server being deleted from Contrast during server cleanup.

  8. To send agent data to Contrast, turn on the Agent diagnostics toggle. Contrast uses this data to improve rules and performance, and to prioritize product improvements.
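
The Facility and Severity chosen for syslog output in step 6 determine the priority value a receiver sees on each Protect event. As an added example (not Contrast's code), this Python code decodes the standard syslog `<PRI>` header (facility × 8 + severity) and maps it back to the default Exploited/Blocked/Probe severities listed above. The facility local0, the host name and the message text are constructed assumptions, not Contrast's actual event format.

```python
import re
from collections import Counter

# Default severity mapping from the steps above: Exploited=1, Blocked=4, Probe=5.
DEFAULT_OUTCOME_BY_SEVERITY = {1: "Exploited", 4: "Blocked", 5: "Probe"}
SEVERITY_NAMES = ["Emergency", "Alert", "Critical", "Error",
                  "Warning", "Notice", "Informational", "Debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")

def decode_pri(line):
    """Return (facility, severity) from a syslog line's <PRI> header, or None."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:          # 23 * 8 + 7 is the highest valid PRI
        return None
    return divmod(pri, 8)  # PRI = facility * 8 + severity

def classify(lines, facility, outcome_by_severity=DEFAULT_OUTCOME_BY_SEVERITY):
    """Count Protect outcomes among lines sent with the configured facility."""
    counts = Counter()
    for line in lines:
        decoded = decode_pri(line)
        if decoded is None:
            counts["malformed"] += 1
            continue
        fac, sev = decoded
        if fac != facility:
            counts["other_facility"] += 1
            continue
        counts[outcome_by_severity.get(sev, "unmapped:" + SEVERITY_NAMES[sev])] += 1
    return counts

# Constructed sample lines; the message text is a placeholder, not Contrast's real format.
ASSUMED_FACILITY = 16  # local0, assumed to be the Facility chosen in the UI
SAMPLE = [
    "<129>Jan 10 12:00:01 app01 protect: constructed event A",  # 16*8+1
    "<132>Jan 10 12:00:02 app01 protect: constructed event B",  # 16*8+4
    "<133>Jan 10 12:00:03 app01 protect: constructed event C",  # 16*8+5
    "<133>Jan 10 12:00:04 app01 protect: constructed event D",
    "<134>Jan 10 12:00:05 app01 protect: constructed event E",  # severity 6, not in defaults
    "<38>Jan 10 12:00:06 app01 sshd: unrelated auth message",   # facility 4
    "no priority header here",
]

if __name__ == "__main__":
    for outcome, n in sorted(classify(SAMPLE, ASSUMED_FACILITY).items()):
        print(f"{outcome}: {n}")
```

If you change the severity assigned to an event type in the UI, pass a matching dictionary as `outcome_by_severity` so the receiver-side mapping stays in step with the server default.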