Yii 1.1: phpids

This extension uses the project PHPIDS like a application component for apply rules for attack detection and prevention.
11 followers

This extension uses the project PHPIDS like a application component for apply rules for attack detection and prevention. Perform a predefined reaction.

Credits and Thanks...

http://php-ids.org/contact/

Requirements

Tested in Yii 1.1.5 and 1.1.4

Usage

Download and unzip the file in components directory.
Make .../components/ids/IDS/tmp writable.

In config file change version 0.2...

...
//'preload'=>array('log'),
'preload'=>array('log','ids'),
...
components = array(
...
        'ids'=>array(
            'class'=>'application.components.ids.CPhpIds',
            'genericMessage'=>'Error!!!',
                        'callback'=>create_function('',"echo 'Error!'; Yii::app()->end(); return false;"),
                        'enable'=>create_function('','return $_GET["r"] != "site/contact";'),
        ),
)

in version 0.2 and enable the callback parameters were added.

  • callback - is passed as parameter to call_user_func, see php manual

  • enable - performs the functions of the IDS is true. If false ignores the IDS. Receives a BOOL value or a function that returns a bool value, if passed a parameter is_callable, this parameter is passed to call_user_func (see PHP manual).

Resources

More...

Total 6 comments

#4477 report it
horizons at 2011/07/12 09:34am
How to use this with remember login mode by cookie?

I tried this extension in the blog demo with allowAutoLogin enabled and cookie stored and always get an error for the created cookie used for the automated login.

#3838 report it
Panurge at 2011/05/13 02:14am
Update IDS

I would ask to make an how-to update the IDS package, as it is outdated. I've tried myself (looking at includes) without success. I'm looking for performance upgrades.

But must say one should always update the default_filter.xml set as available to download on the official website.

Great addon!! Cheers

#2541 report it
Rafael Garcia at 2011/01/15 01:49pm
HTMLPurifier and PHPIDS

HTMLPurifier and PHPIDS, perform different functions in the application. Both contribute to security. Both can be used together or separately.

In the next version of PHPIDS introduce more settings for now in version 0.2 we have two new options: callback and enable both explained in the current description of the component.

#2431 report it
pmaselkowski at 2010/12/30 05:25am
htmlpurifier

HTML Purifier is part of Yii framework, is it possible to use it instead of one contained in this extension? It seems to work without included purifier.

There is not enough configuration options, like tmp folder. How to disable ids for certain controllers/actions?

#2310 report it
Rafael Garcia at 2010/12/10 09:16am
log and throw exception.

This extension yet is a basic implementation for PHPIDS. With it is possible log the attack's details, while component throw a exception with a generic message for the attacker.

Too is possible send a email using CEmailLogRouter. For debug the messages CWebLogRouter. The extension uses the Yii's log component and PHPIDS's internal log. The level is 'warning' and category is 'application.components.ids'. The download file is updated for implements this level and category.

In the next release, we can implement a callback method to more possibilities of reaction. How to generate a blacklist, closing the session of the attacker...

Thanks!

#2308 report it
Trejder at 2010/12/10 05:59am
Other reactions for attacks?

Thank you for your extension, which is important add to security manners in Yii applications!

On "Project Page" it is written: "(...) This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session (...)".

Does your extensions supports other reactions (like mentioned ones)? If so, can you provide more examples how to react with sending e-mails or ending user session? If I'm not mistaken, you only provided example for showing error message. Thank you.

Leave a comment

Please to leave your comment.

Create extension
Downloads