[Defender] Allow "error_log" files to be ignored as a default value while configuring De

Most of my clients do not know that "error_log" files are rather useful than threatning.

But since they're mentioned as a security issue in reports, my clients may think that their site is not working correctly or even insecure, so they prompt me to take immediate action …

So I'd find it better to let error_logs being excluded from warnings or at least let me exclude them during first-time-setup-wizard of defender.

  • Huberson

    Hello sushling
    That doesn't seem to be a very complicated feature to implement but IMHO, although this might be convenient for the purpose you mentioned above, allowing exclusion of arbitrary files could provably be insecure.

    Using the ignore options after File Scanning seems a better option(IMO) since you can review the file before exclusion.

    A good approach is to also educate the clients about that. Not all suspicious files are malicious so knowing that, and being aware that files that are common(like logs, ini files) can also be reported in file scanning can help reduce false alert.

    That said, I've tasked that as a feature request for our dev team to get their insight.

    Cheers,
    Huberson

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.