modified default analyzer values

config.yaml

@@ -38,9 +38,9 @@ behavior:
   probability_error_codes: 0  # 0-100 percentage
 
 analyzer:
-  http_risky_methods_threshold: 0.1
-  violated_robots_threshold: 0.1
-  uneven_request_timing_threshold: 5
-  uneven_request_timing_time_window_seconds: 300
-  user_agents_used_threshold: 1
-  attack_urls_threshold: 1
+  # http_risky_methods_threshold: 0.1
+  # violated_robots_threshold: 0.1
+  # uneven_request_timing_threshold: 5
+  # uneven_request_timing_time_window_seconds: 300
+  # user_agents_used_threshold: 2
+  # attack_urls_threshold: 1

src/analyzer.py

@@ -111,9 +111,7 @@ class Analyzer:
         delete_accesses_count = len([item for item in accesses if item["method"] == "DELETE"])
         head_accesses_count = len([item for item in accesses if item["method"] == "HEAD"])
         options_accesses_count = len([item for item in accesses if item["method"] == "OPTIONS"])
-        patch_accesses_count = len([item for item in accesses if item["method"] == "PATCH"])
-        #print(f"TOTAL: {total_accesses_count} - GET: {get_accesses_count} - POST: {post_accesses_count}")
-        
+        patch_accesses_count = len([item for item in accesses if item["method"] == "PATCH"])  
 
         if total_accesses_count > http_risky_methods_threshold:
             http_method_attacker_score = (post_accesses_count + put_accesses_count + delete_accesses_count + options_accesses_count + patch_accesses_count) / total_accesses_count
@@ -131,10 +129,6 @@ class Analyzer:
             score["good_crawler"]["risky_http_methods"] = False
             score["bad_crawler"]["risky_http_methods"] = False
             score["regular_user"]["risky_http_methods"] = False
-        
-        #print(f"Updated score: {score}")
-
-
 
         #--------------------- Robots Violations ---------------------
         #respect robots.txt and login/config pages access frequency
@@ -248,6 +242,8 @@ class Analyzer:
 
         #--------------------- Calculate score ---------------------
 
+        attacker_score = good_crawler_score = bad_crawler_score = regular_user_score = 0
+
         attacker_score = score["attacker"]["risky_http_methods"] * weights["attacker"]["risky_http_methods"]
         attacker_score = attacker_score + score["attacker"]["robots_violations"] * weights["attacker"]["robots_violations"]
         attacker_score = attacker_score + score["attacker"]["uneven_request_timing"] * weights["attacker"]["uneven_request_timing"]

src/config.py

@@ -103,7 +103,7 @@ class Config:
         api = data.get('api', {})
         database = data.get('database', {})
         behavior = data.get('behavior', {})
-        analyzer = data.get('analyzer', {})
+        analyzer = data.get('analyzer') or {}
 
         # Handle dashboard_secret_path - auto-generate if null/not set
         dashboard_path = dashboard.get('secret_path')
@@ -142,7 +142,7 @@ class Config:
             violated_robots_threshold=analyzer.get('violated_robots_threshold', 0.1),
             uneven_request_timing_threshold=analyzer.get('uneven_request_timing_threshold', 5),
             uneven_request_timing_time_window_seconds=analyzer.get('uneven_request_timing_time_window_seconds', 300),
-            user_agents_used_threshold=analyzer.get('user_agents_used_threshold', 1),
+            user_agents_used_threshold=analyzer.get('user_agents_used_threshold', 2),
             attack_urls_threshold=analyzer.get('attack_urls_threshold', 1)
         )