Set server defaults at an organization level
Server settings provide default configurations for new servers (and their agents) as they are brought on board. Organization administrators can customize these configurations and set specific defaults for each environment.
To set server defaults:
Under organization settings, select Servers.
Use the drop-down menu to choose the environment in which you want to apply the default (development, test or production). Check the box next to Set as default environment if you want to specify a default environment for future server configuration.
Use the drop-down menu to choose the Log Level. The default log level selection is ERROR.
Under Automatic server cleanup, enter the length of time that you would like servers to be offline before they are automatically cleaned up.
A background task runs every five minutes to check if there is an organization with automatic server cleanup enabled.
If it is enabled, and there are one or more servers with no activity received within the configured timeframe, the servers are automatically disabled and no longer visible under Servers.
Information on vulnerabilities and attacks related to these servers is still maintained even after they're disabled. Protect licenses from disabled servers will return to the pool of licenses.
Under Assess, select which stacktraces should be captured (all, some or none).
Select the check box to Enable sampling for higher performance. With sampling, Contrast selectively analyzes requests in order to avoid repeat analysis. Configure the following settings:
Baseline: The number of times that Contrast analyzes URLs to complete sampling. The default setting is 5.
Frequency: The number of times that Contrast analyzes URLs after the Baseline is achieved. The default setting is 10.
Window: The number of seconds that Contrast retains samples before reverting to the Baseline. The default setting is 180.
Under Protect, use the green toggle to enable Protect.
Important
Turning Protect on by default requires that Protect licenses are automatically applied to servers.
Administrators receive emails each time a server is licensed. As servers go up and down frequently, you may want to set up an email filter for any unwanted traffic.
Select the check box to Enable bot blocking. Bot blocking blocks traffic from scrapers, attack tools and other unwanted automation.
To view blocked bot activity, under Attacks > Attack Events, use the Automated filter option.
Note
You can configure bot blocking in the YAML files for Java, .NET Framework, .NET Core, Ruby, and Python.
Select the check box to Enable output of Protect events to syslog.
Enter the IP Address and Port in the given fields. Use the drop-down menu to choose the Facility.
Click on the event severity badges, and use the drop-down menu to choose a message Severity level for each one. The defaults are:
1 - Alert for Exploited
4 - Warning for Blocked
5 - Notice for Probe
If allowed at a system level, you can check the box to Automatically apply licenses to new servers for Protect.
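On the receiving side of the syslog output configured above, the Facility and the Severity chosen for each event type arrive in the standard syslog PRI header (facility × 8 + severity). The following Python sketch is an added example, not Contrast code: it decodes PRI and tallies events using the default severity mapping from this page. The sample lines, the local0 facility, and the function names are constructed assumptions.

```python
import re
from collections import Counter

# Default severity-to-outcome mapping listed on this page.
DEFAULT_OUTCOMES = {1: "Exploited", 4: "Blocked", 5: "Probe"}
PRI_RE = re.compile(r"^<(\d{1,3})>")
LOCAL0 = 16  # standard syslog facility code; assumed to be the configured Facility


def decode_pri(line):
    """Return (facility, severity) from the <PRI> header, or None if invalid."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # highest valid PRI is facility 23, severity 7
        return None
    return divmod(pri, 8)  # PRI = facility * 8 + severity


def summarize(lines, expected_facility=None, outcomes=DEFAULT_OUTCOMES):
    """Count lines per Protect outcome; set aside other facilities and bad headers."""
    counts = Counter()
    for line in lines:
        decoded = decode_pri(line)
        if decoded is None:
            counts["unparsed"] += 1
        elif expected_facility is not None and decoded[0] != expected_facility:
            counts["other-facility"] += 1
        else:
            counts[outcomes.get(decoded[1], "unmapped")] += 1
    return dict(counts)


# Constructed sample lines: only the PRI header is meaningful, bodies are placeholders.
SAMPLE = [
    "<129>constructed message A",  # local0, severity 1 (Alert)
    "<132>constructed message B",  # local0, severity 4 (Warning)
    "<133>constructed message C",  # local0, severity 5 (Notice)
    "<134>constructed message D",  # local0, severity 6: not in the default mapping
    "<36>constructed message E",   # facility 4, severity 4: different sender
    "constructed line without a PRI header",
    "<999>constructed line with an out-of-range PRI",
]

if __name__ == "__main__":
    print(summarize(SAMPLE, expected_facility=LOCAL0))
```

If the severities were changed from the defaults in the UI, pass the adjusted mapping as `outcomes`.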