# Uncomment the following line if you want to change any setting. [database] # dbHost = 127.0.0.1 # dbPort = 3306 # dbName = greendb dbUser = green dbpass = pwd [logging] # logfile - this parameter specifies location of the log file. # By default this will point to /var/log/greensql.log file in linux. logfile = /var/log/greensql/greensql.log # loglevel - this parameter specifies level of logs to produce. # Bigger value yelds more debugging information. loglevel = 10 [risk engine] # If query risk is bigger then specified value, query will be blocked block_level = 30 # Level of risk used to generate warnings. It is recomended to run application # in low warning level and then to acknowledge all valid queries and # then to lower the block_level warn_level=20 # Risk factor associated with SQL comments risk_sql_comments=30 # Risk factor associated with access to sensitive tables risk_senstivite_tables=10 # Risk factor associated with 'OR' SQL token risk_or_token=5 # Risk factor associated with 'UNION' SQL statement risk_union_token=10 # Risk factor associated with variable comparison. For example: 1 = 1 risk_var_cmp_var=30 # Risk factor associated with variable ony operation which is always true. # For example: SELECT XXX from X1 WHERE 1 risk_always_true=30 # Risk factor associated with an empty password SQL operation. # For example : SELECT * from users where password = "" # It works with the following fields: pass/pwd/passwd/password risk_empty_password=30 # Risk factor associated with miltiple queires which are separated by ";" risk_multiple_queries=30 # Risk of SQL commands that can used to bruteforce database content. risk_bruteforce=15