###############################################################################
# IF MODIFICATIONS ARE MADE TO THIS FILE DIRECTLY, THE FOLLOWING MUST BE RUN
# TO COMMIT THE CHANGES:
#
# For full AWP installations:
#   /var/awp/bin/awp -s -f
#
# For rules only installations:
#   /var/awp/bin/aum -u -f
#
###############################################################################

# Authentication information
USERNAME="USERNAME"
PASSWORD="PASSWORD"
EMAIL_SUPPORT="root@localhost"
UPDATEPATH="www.atomicorp.com/channels/asl-3.0/rules/"
ASLHOME="/var/awp"
AWPHOME="/var/awp"
UPDATE_SERVER="updates.atomicorp.com"
UPDATE_PATH="/channels/asl-4.0"
HTTP_PROXY=""
HTTP_PROXY_PORT=""
HTTP_PROXY_USERNAME=""
HTTP_PROXY_PASSWORD=""
AWP_PWSPEC="default"

# AWP Web Settings
AWPW_AUTO_LOGOUT="60"
ALERTS_USE_DB="yes"
AWP_DB_RETENTION="3 days"
AWP_DB_ARCHIVE="yes"
AWPW_MAX_OUTBOUND="262144"

# Data Retention Policies
RETENTION_USE_CONSOLIDATED="no"
RETENTION_CONSOLIDATED="3 months"
AWP_CLEAN_INDEXES="180"
AWP_CLEAN_STATS="180"
AWP_CLEAN_REPORTS="60"
RETENTION_MAX_RBC_COUNT="10"

# AWP Data Paths
PATH_EVENT_LOG="/var/ossec/logs/alerts/alerts.log"
PATH_DISABLED_SIG="/var/awp/etc/disabled_signatures"
PATH_SEC_MODULE="/var/awp/data/security-modules"
PATH_SIG_UPDATE="/var/awp/data/updates-data"
PATH_VULNERABILITY="/var/awp/data/vulnerability-data"
PATH_VULNERABILITY_REPORT="/var/awp/data/vulnerability-report.html"
PATH_VULNERABILITY_TEMPLATES="/var/awp/data/templates"
PATH_RSS="http://www.atomicorp.com/news.feed"
IP_ACCESSLIST="/var/awp/etc/accesslist"
PATH_DENYLIST="/var/awp/etc/denylist"
PATH_GEODENYLIST="/var/awp/etc/geo-denylist"
PATH_TLD="/var/awp/etc/tld_country.txt"
PATH_SYSCHECK="/var/ossec/queue/syscheck/syscheck"
PATH_WEBAPP_DB="/var/awp/data/webapp.db"

# AWP general configuration.
NOTIFY="yes"
EMAIL="root@localhost"
HOSTNAME="localhost"
ADMIN_USERS=""
SYSTEM_TYPE="webserver"
AUTOMATIC_UPDATES="hourly"
UPDATE_TYPE="all"
RESTART_APACHE="graceful"
RESTART_NGINX="yes"
AWP_USER="tortix"
FEED_TYPE="real-time"
FEED_SOURCE=""
COMPLIANCE="off"
KERNEL_CHANNEL="tortix-kernel"
ALLOW_NFS="yes"
DOWNLOADER="curl"
REPUTATION_REPORT="yes"
REPUTATION_FREQUENCY="hourly"
PURGE_LOGS="no"
AIR_GAPPED="no"
AUM_TIMEOUT_CONECT="10"
AUM_TIMEOUT_TRANSFER="360"
REPO_MANAGEMENT_POLICY="default"
APACHE_IGNORE="off"
AWP_VULNERABILITY_SCANNER="yes"
VULS_MIN_SEVERITY="Medium"
AWP_DEF_VULS="yes"

# AWP firewall
FW_ENABLE="yes"
FW_ENABLE_IPSET="yes"
FW_ENABLE_IPV6="yes"
FW_FLUSH_RULES="no"
FW_IPS="yes"
FW_IPS_LOG="yes"
FW_INBOUND_TCP_SERVICES="no"
FW_INBOUND_UDP_SERVICES="no"
FW_OUTPUT_MTA="no"
FW_OUTPUT_DNS="no"
FW_OUTPUT_NTP="no"
FW_OUTPUT_RDATE="no"
FW_OUTPUT_TCP_SERVICES="no"
FW_OUTPUT_UDP_SERVICES="no"
FW_ACCESSLIST="yes"
FW_ACCESSLIST_LOG="no"
FW_DYN_ACCESSLIST="no"
FW_DYN_ACCESSLIST_LOG="no"
FW_MSS_DROP="no"
FW_MSS_DROP_LOG="yes"
FW_RATE_LIMIT="no"
FW_RATE_LIMIT_LOG="yes"
FW_LASSO="no"
FW_LASSO_LOG="yes"
FW_ELASSO="no"
FW_ELASSO_LOG="yes"
FW_CIARMY="no"
FW_CIARMY_LOG="yes"
FW_EMERGING_THREATS="no"
FW_EMERGING_THREATS_LOG="yes"
FW_OPENBL="no"
FW_OPENBL_LOG="yes"
FW_AUTOSHUN="no"
FW_AUTOSHUN_LOG="yes"
FW_OPENPROXIES="no"
FW_OPENPROXIES_LOG="yes"
FW_DSHIELD="no"
FW_DSHIELD_LOG="yes"
FW_TOR="no"
FW_TOR_LOG="yes"
FW_LOG_AR_DROP="yes"
FW_AR_RECAPTCHA="off"
FW_AR_RECAPTCHA_LIMIT="5"
FW_PORTSCAN="yes"
FW_LOWLEVEL_PORTSCAN="no"
FW_DROP_SYNSCAN="no"
FW_DROP_STEALTH_SCAN="no"
FW_DROP_CONNECT_SCAN="no"
FW_DROP_GRAB_SCAN="no"
FW_ADVANCED_PORTSCAN="yes"
PSD_W_THRSH="21"
PSD_DELAY="300"
PSD_LO="3"
PSD_HI="1"
FW_BAD_PACKETS="no"
FW_SMALL_PACKETS="no"
FW_FRAGMENTS="no"
FW_DROP_INVALID="yes"
FW_DROP_INVALID_LOG="no"
FW_LOG_DENYLIST_DROP="yes"
FW_LOG_GEOBLOCK_DROP="yes"
FW_GEO_DENYLIST_BLOCK_OUTBOUND="no"
FW_IGNORE_BROADCASTS="no"
FW_ACCEPT_REDIRECTS="no"
FW_ACCEPT_SOURCE_ROUTE="no"
FW_ICMP_IGNORE_ALL="no"
FW_ICMP_IGNORE_BROADCASTS="no"
FW_IGNORE_ICMP_BOGUS="no"
FW_IPV4_FORWARD="no"
FW_IPV6_FORWARD="no"
FW_PROXY_ARP="no"
FW_RP_FILTER="no"
FW_SYN_COOKIES="yes"
FW_TCP_ECN="no"
FW_TCP_TIMESTAMPS="yes"
FW_TCP_WINDOW_SCALING="yes"
FW_PLESK_UPDATES="no"
FW_SPAMASSASSIN_UPDATES="no"
FW_PORTKNOCK="no"
FW_PORTKNOCK_SIMPLE="no"
FW_PORTKNOCK_SIMPLE_LOG_KNOCK="yes"
FW_PORTKNOCK_SIMPLE_LOG_ALLOWED="yes"
FW_PORTKNOCK_ADVANCED="no"
FW_PORTKNOCK_ADVANCED_LOG_KNOCK="yes"
FW_PORTKNOCK_ADVANCED_LOG_ALLOWED="yes"


# Kernel configuration.
ALLOW_kmod_loading="no"
MAX_USER_WATCHES="1048576"
# legacy settings
GRKERNSEC_DISABLE_PAX="no"
GRKERNSEC_DETER_BRUTEFORCE="no"
GRKERNSEC_CONSISTENT_SETXID="yes"
ENABLE_TPE="yes"
TPE_GROUP_POLICY="untrusted"
TPE_UNTRUSTED_USERS=""
TPE_TRUSTED_USERS=""
DISABLE_PRIVILEGED_IO="yes"
AUDIT_MOUNT="no"
AUDIT_CHDIR="no"
AUDIT_PTRACE="yes"
AUDIT_TEXTREL="no"
CHROOT_CAPS="yes"
CHROOT_DENY_CHMOD="yes"
CHROOT_DENY_CHROOT="yes"
CHROOT_DENY_FCHDIR="yes"
CHROOT_DENY_MKNOD="yes"
CHROOT_DENY_MOUNT="yes"
CHROOT_DENY_PIVOT="yes"
CHROOT_DENY_SHMAT="yes"
CHROOT_DENY_SYSCTL="yes"
CHROOT_DENY_UNIX="yes"
CHROOT_ENFORCE_CHDIR="yes"
CHROOT_EXECLOG="no"
CHROOT_FINDTASK="yes"
CHROOT_RESTRICT_NICE="yes"
EXEC_LOGGING="no"
EXEC_LOG_USERS=""
DMESG="yes"
EXECVE_LIMITING="yes"
FIFO_RESTRICTIONS="yes"
FORKFAIL_LOGGING="yes"
HARDEN_PTRACE="yes"
IP_BLACKHOLE="yes"
LASTACK_RETRIES="4"
LINKING_RESTRICTIONS="yes"
RESOURCE_LOGGING="yes"
ROMOUNT_PROTECT="no"
RWXMAP_LOGGING="yes"
SIGNAL_LOGGING="yes"
SOCKET_ALL="yes"
SOCKET_USERS=""
SOCKET_CLIENT="yes"
SOCKET_CLIENT_USERS=""
SOCKET_SERVER="yes"
SOCKET_SERVER_USERS=""
TIMECHANGE_LOGGING="yes"


# Clamav configuration
CLAMAV_ENABLED="yes"
CLAMAV_ENABLE_REALTIME="no"
CLAMAV_TCPADDRESS="127.0.0.1"
CLAMAV_PREVENTONACCESS="no"
CLAMAV_SAFEBROWSING="yes"
CLAMAV_LogFile="/var/log/clamav/clamd.log"
CLAMAV_LogFileMaxSize="0"
CLAMAV_LogTime="yes"
CLAMAV_TemporaryDirectory="/var/tmp"
CLAMAV_DatabaseDirectory="/var/lib/clamav"
CLAMAV_LocalSocket="/tmp/clamd.socket"
CLAMAV_TCPSocket="3310"
CLAMAV_MaxConnectionQueueLength="30"
CLAMAV_MaxThreads="50"
CLAMAV_ReadTimeout="300"
CLAMAV_MaxQueue="100"
CLAMAV_SelfCheck="600"
CLAMAV_DetectPUA="no"
CLAMAV_ScanPE="yes"
CLAMAV_ScanELF="yes"
CLAMAV_DetectBrokenExecutables="no"
CLAMAV_ScanOLE2="yes"
CLAMAV_ScanPDF="yes"
CLAMAV_ScanMail="yes"
CLAMAV_ScanPartialMessages="no"
CLAMAV_CDB_SIGNATURES="yes"
CLAMAV_PhishingSignatures="yes"
CLAMAV_PhishingScanURLs="yes"
CLAMAV_PhishingAlwaysBlockSSLMismatch="no"
CLAMAV_PhishingAlwaysBlockCloak="no"
CLAMAV_StructuredDataDetection="no"
CLAMAV_StructuredMinCreditCardCount="3"
CLAMAV_StructuredMinSSNCount="3"
CLAMAV_StructuredSSNFormatNormal="yes"
CLAMAV_StructuredSSNFormatStripped="no"
CLAMAV_ScanHTML="yes"
CLAMAV_ScanArchive="yes"
CLAMAV_ArchiveBlockEncrypted="no"
CLAMAV_MaxScanSize="100M"
CLAMAV_MaxFileSize="25M"
CLAMAV_MaxRecursion="16"
CLAMAV_MaxFiles="10000"

# OSSEC configuration
OSSEC_ENABLED="yes"
OSSEC_NOTIFY="yes"
OSSEC_MODE="server"
OSSEC_USE_MYSQL="no"
HIDS_DATABASE_ENGINE="innodb"
OSSEC_SERVER=""
OSSEC_EMAIL="root@localhost"
OSSEC_SMTP_SERVER="localhost"
HIDS_HELO_SERVER="localhost"
OSSEC_FROM="awp@$HOSTNAME"
OSSEC_MAX_MSG="1"
OSSEC_ACTIVE_RESPONSE="yes"
OSSEC_SHUN_ENABLE_TIMEOUT="yes"
OSSEC_SHUN_TIME="600"
OSSEC_DISABLE_SYSCHECK="no"
OSSEC_REPORT_CHANGES="yes"
OSSEC_AUTHD_DISABLED="no"
OSSEC_AUTHD_USE_PASSWORD="no"
OSSEC_AUTHD_PORT="1515"
OSSEC_AUTHD_USE_SOURCE_IP="no"
OSSEC_AUTHD_FORCE_INSERT="yes"
OSSEC_AUTHD_FORCE_TIME="1h"
OSSEC_AUTHD_KEY_MISMATCH="yes"
OSSEC_AUTHD_PURGE="yes"
HIDS_THREAT_INTELLIGENCE="yes"
HIDS_OUTPUT_JSON="yes"
HIDS_SHUN_MULTIPLIER="3"
HIDS_SHUN_TRACKING="yes"
HIDS_EMAIL_ALERT_LEVEL="7"
HIDS_LOG_ALERT_LEVEL="1"
HIDS_CLEAN_DIFF="60"
HIDS_ARCHIVE_ALL="no"
HIDS_AGENT_FIM_NOLOG="yes"
HIDS_analysisd_default_timeframe="360"
HIDS_analysisd_stats_maxdiff="25000"
HIDS_analysisd_stats_mindiff="250"
HIDS_analysisd_stats_percent_diff="30"
HIDS_analysisd_fts_list_size="32"
HIDS_analysisd_fts_min_size_for_str="14"
HIDS_analysisd_log_fw="1"
HIDS_logcollector_loop_timeout="2"
HIDS_logcollector_open_attempts="8"
HIDS_logcollector_remote_commands="0"
HIDS_remoted_recv_counter_flush="128"
HIDS_remoted_comp_average_printout="19999"
HIDS_remoted_verify_msg_id="0"
HIDS_maild_strict_checking="1"
HIDS_maild_grouping="1"
HIDS_maild_full_subject="0"
HIDS_maild_geoip="1"
HIDS_monitord_day_wait="10"
HIDS_monitord_compress="1"
HIDS_monitord_sign="1"
HIDS_monitord_monitor_agents="1"
HIDS_syscheck_sleep="1"
HIDS_syscheck_sleep_after="100"
HIDS_dbd_reconnect_attempts="5000"
HIDS_windows_debug="0"
HIDS_syscheck_debug="0"
HIDS_remoted_debug="0"
HIDS_analysisd_debug="0"
HIDS_logcollector_debug="0"
HIDS_agent_debug="0"
HIDS_TCP_WRAPPERS="no"
HIDS_CLOUDFLARE_BAN="no"
HIDS_CLOUDFLARE_BAN_API="no"
HIDS_CLOUDFLARE_BAN_EMAIL="no"
HIDS_IPSET_DROP="yes"
HIDS_analysisd_decoder_order_size="64"
HIDS_analysisd_geoip_jsonout="0"
HIDS_analysisd_label_cache_maxage="1"
HIDS_analysisd_show_hidden_labels="0"
HIDS_logcollector_vcheck_files="64"
HIDS_logcollector_max_lines="10000"
HIDS_remoted_pass_empty_keyfile="1"
HIDS_monitord_keep_log_days="31"
HIDS_rootcheck_sleep="50"
HIDS_agent_tolerance="15"
HIDS_agent_warn_level="90"
HIDS_agent_normal_level="70"
HIDS_agent_min_eps="50"
HIDS_wazuh_modules_task_nice="10"
HIDS_wazuh_modules_max_eps="1000"
HIDS_wazuh_modules_debug="0"
HIDS_wazuh_database_sync_agents="1"
HIDS_wazuh_database_sync_syscheck="0"
HIDS_wazuh_database_sync_rootcheck="1"
HIDS_wazuh_database_full_sync="0"
HIDS_wazuh_database_sleep="60"
HIDS_wazuh_database_max_queued_events="0"
HIDS_ALAS_VULN_DATASET="yes"
HIDS_CANONICAL_VULN_DATASET="yes"
HIDS_DEBIAN_VULN_DATASET="yes"
HIDS_REDHAT_VULN_DATASET="yes"
HIDS_NVD_VULN_DATASET="yes"
HIDS_MSU_VULN_DATASET="yes"
HIDS_ROOTCHECK_MODULE="yes"
HIDS_OPENSCAP_MODULE="yes"
HIDS_SCA_MODULE="yes"
HIDS_SYSCOLLECTOR_MODULE="yes"
HIDS_ZABBIX_OUTPUT="no"
HIDS_INTEGRATION_VIRUSTOTAL="no"
HIDS_INTEGRATION_VIRUSTOTAL_API_KEY=""
HIDS_AWS_S3_MODULE="no"
HIDS_AWS_S3_MODULE_NAME=""
HIDS_AWS_S3_MODULE_PROFILE=""
HIDS_INTEGRATION_SLACK="no"
HIDS_INTEGRATION_SLACK_WEBHOOK=""
HIDS_INTEGRATION_SLACK_LEVEL=""

# mod_security configuration
MODSEC_ENABLED="yes"
WAF_ENGINE="on"
WAF_MANAGE_CONF="yes"
WAF_CHROOTDIR="no"
WAF_READSTATELIMIT="100"
WAF_WRITESTATELIMIT="100"
WAF_SECREQUESTBODYNOFILESLIMIT="1048576"
WAF_SECREQUESTBODYINMEMORYLIMIT="131072"
WAF_DEFAULT_ACTION="deny"
WAF_REDIRECT_URL="https://%{server_name}:30000/blocked.php?eventid=%{unique_id}&ruleid=%{rule.id}&sourceip=%{remote_addr}"
WAF_SECINTERCEPTONERROR="on"
WAF_SECRESPONSEBODYACCESS="on"
MODSEC_SERVERSIG="Apache"
MODSEC_UPLOADDIR="/var/awp/data/suspicious"
MODSEC_RULES_PATH="/etc/httpd/modsecurity.d"
MODSEC_KEEPFILES="off"
MODSEC_LOGTYPE="Concurrent"
MODSEC_LOGFILE="audit_log"
MODSEC_LOGELEMENT="ABIFHZ"
MODSEC_REQMEMLIMIT="131072"
MODSEC_DEBUGLOG="no"
MODSEC_CLEAN_ALERT="14"
MODSEC_DATADIR="/var/awp/data/msa"
MODSEC_AUDITDIR="/var/awp/data/audit"
MODSEC_TMPDIR="/tmp"
MODSEC_RESPONSEBODYLIMIT="2621440"
MODSEC_REQUESTBODYLIMIT="134217728"
MODSEC_RESPONSEBODYLIMITACTION="ProcessPartial"
MODSEC_00_ACCESSLIST="no"
MODSEC_00_DENYLIST="no"
WAF_LUA_00_SEARCHENGINE="no"
MODSEC_00_SEARCHENGINE="no"
MODSEC_00_AUTOACCESSLIST_SEARCHENGINE="no"
MODSEC_00_THREAT="no"
MODSEC_00_ANTIEVASION="yes"
MODSEC_00_STRICT="no"
MODSEC_00_RBL="no"
MODSEC_01_DOMAIN_BLOCKS="no"
MODSEC_03_DOS="yes"
MODSEC_01_APP_RULES="no"
MODSEC_01_RULES="no"
MODSEC_06_HONEYPOT="no"
MODSEC_10_ANTIMALWARE="yes"
MODSEC_10_RULES="yes"
MODSEC_11_ADV_RULES="yes"
MODSEC_11_DLP="no"
MODSEC_12_ADV_XSS_RULES="yes"
MODSEC_12_BRUTE="yes"
MODSEC_20_USERAGENTS="yes"
MODSEC_21_USERAGENTS="no"
MODSEC_30_ANTISPAM="yes"
MODSEC_31_ANTISPAM_URI="no"
MODSEC_50_ROOTKITS="yes"
MODSEC_50_PLESK="no"
MODSEC_51_WORDPRESS="no"
MODSEC_60_RECONS="yes"
MODSEC_61_RECONS_DLP="yes"
MODSEC_98_ADV_REDACTOR="no"
MODSEC_99_JITP="yes"
MODSEC_99_MALWARE_OUTPUT="yes"
MODSEC_99_SCANNER="yes"
MODSEC_99_ADV_SCANNER="yes"



# General PHP configuration options.
PHP_CHECKS="no"
PHP_SAFE_MODE="no"
PHP_REGISTER_GLOBALS="no"
PHP_URL_FOPEN="no"
PHP_URL_INCLUDE="no"
PHP_MAGIC_QUOTES_GPC="on"
PHP_MAGIC_QUOTES_RUNTIME="on"
PHP_EXPOSE_PHP="no"
PHP_DISPLAY_ERRORS="no"
PHP_MAIL_XHEADER="yes"
ALLOW_dl="no"
ALLOW_escapeshellcmd="no"
ALLOW_curl_exec="no"
ALLOW_curl_multi_exec="no"
ALLOW_exec="no"
ALLOW_ftp_exec="no"
ALLOW_fsockopen="no"
ALLOW_leak="no"
ALLOW_passthru="no"
ALLOW_pcntl_exec="no"
ALLOW_pfsockopen="no"
ALLOW_phpinfo="yes"
ALLOW_popen="no"
ALLOW_posix_kill="no"
ALLOW_posix_mkfifo="no"
ALLOW_posix_setpgid="no"
ALLOW_posix_setsid="no"
ALLOW_posix_setuid="no"
ALLOW_proc_close="no"
ALLOW_proc_get_status="no"
ALLOW_proc_nice="no"
ALLOW_proc_open="no"
ALLOW_proc_terminate="no"
ALLOW_shell_exec="no"
ALLOW_show_source="no"
ALLOW_system="no"

ALLOW_ini_alter="no"
ALLOW_ini_set="no"
ALLOW_symlink="no"
ALLOW_link="no"
ALLOW_ftok="no"
ALLOW_posix_access="no"
ALLOW_openlog="no"
ALLOW_syslog="no"
ALLOW_readlink="no"
ALLOW_apache_child_terminate="no"
ALLOW_apache_setenv="no"
ALLOW_define_syslog_variables="no"
ALLOW_escapeshelarg="no"
ALLOW_highlight_file="no"
ALLOW_ini_get_all="no"
ALLOW_posix_getpwuid="no"
ALLOW_posix_uname="no"

# SSH daemon configuration.
SSH_MANAGE="yes"
SSH_PROTOCOL="2"
SSH_PORT="no"
SSH_STRICTMODE="yes"
SSH_IGNORE_RHOSTS="yes"
SSH_PUBKEY="yes"
SSH_ROOTLOGINS="no"
SSH_PASSWORD_AUTH="no"
SSH_PRIV_SEPARATION="yes"
SSH_GSSAPI_AUTH="no"
SSH_GSSAPI_CLEANUP="no"
SSH_USEDNS="no"
SSH_PERMITEMPTYPASSWORDS="no"
SSH_ALLOWAGENTFORWARDING="yes"
SSH_X11FORWARDING="yes"
SSH_ALLOWTCPFORWARDING="yes"
CUSTOM_SSH_PORT="no"

# Rkhunter settings.
RKHUNTER_ENABLED="yes"
RKHUNTER_EMAIL="$EMAIL"


# mod_evasive configuration.
MODEV_ENABLED="yes"
MODEV_DOSHashTableSize="4096"
MODEV_DOSPageCount="10"
MODEV_DOSSiteCount="400"
MODEV_DOSPageInterval="4"
MODEV_DOSSiteInterval="4"
MODEV_DOSBlockingPeriod="25"

# mod_qos
MOD_QOS_ENABLED="no"

# Web App Inventory
APPINV_CRON="daily"

# Plesk settings
PSA_DISABLE_CRONTAB="no"
PSA_PHP_DOMAIN_POLICY="no"

# Cpanel settings
CPANEL_DISABLE_POSTEASYAPACHE="no"

# Apache settings
APACHE_SSLPROTOCOL="TLS 1.2 only"
APACHE_SSLCIPHERSUITE="strong"

# Courier IMAP
COURIER_TLSPROTOCOL="TLS1"


# Mysql settings
MYSQL_CHECKS="yes"
MYSQL_DISABLE_LOAD_DATA="yes"
MYSQL_ENABLE_LOG_ERRORS="yes"
MYSQL_ENABLE_LOG_WARNINGS="yes"
MYSQL_DISABLE_SYMBOLIC_LINKS="yes"
MYSQL_QUERY_CACHE="32m"
MYSQL_WAIT_TIMEOUT="28800"
MYSQL_RESTART_COMMAND=""

# Rsyslog settings
MODLOAD_IMKLOG="on"


# CGroups settings
CGROUPS_ENABLE="no"

# Cluster settings
OSSEC_CLUSTER="off"
CLUSTER_MODE=""
CLUSTER_MASTER_IP=""


# SSO/2FA settings
OPENID_CONNECT_INTEGRATION="on"
SAML_SSO_INTEGRATION="off"
SSO_AUTH_ONLY_MODE="off"
# Master configuration flag. Do not modify
CONFIGURED="no"

#WebAuthn Settings
WEBAUTHN_ENABLE="off"

AWPWEB_CERTIFICATE="awpweb_server"

# Runsafe Security Settings
RUNSAFE_SECURITY_ENABLED="no"
RUNSAFE_SECURITY_API_KEY=""

#Agentless Legacy Mode
AGENTLESS_LEGACY_MODE="on"
