Revision #2 has been created by Gustavo on Jan 27, 2011, 2:17:08 PM with the memo:
More security in your applications
known project that can be seen at [php-ids.org](http://php-ids.org "php-ids.org").
PHPIDS is an intrusion detection system, essentially based on
[...]The PHPIDS project was encapsulated as a Yii application component
and can be downloaded at [http://www.yiiframework.com/extension/phpids](http://www.yiiframework.com/extension/phpids/ "http://www.yiiframework.com/extension/phpids").
next to your
installation and use.
This how-to shows
, and since
in more detail some
This component was tested on versions 1.1.5 and 1.1.4 with PHP 5.2. The
[...]Unzip the file into ... webapp/protected/components/ids
Make the directory .../components/ids/IDS/tmp writable
Update your .../protected/config/main.php
Add the component
settings. The file
above is the minimum for the operation of
All application forms are filtered by PHPIDS: the
variables $_REQUEST, $_GET, $_POST and $_COOKIE are checked against
the IDS detection rules. If an attack is detected,
the application stops the request, an exception is thrown with an
error message that gives no details to the attacker, and a detailed log is generated.
This log is generated by the Yii Log application component, so
a simple message without details is sent to the attacker:
The goal is that this message gives no
details about the attack, nor
informs the attacker that the attack was detected. The
response is handled internally by the application, by sending emails or
simply blocking the user.
This message does not go into the log; the details of the attack are
generated separately and sent to the logging component.
**2) Reacting to the attack:**
[...]The callback parameter receives a valid PHP callback; see the
call_user_func function in the PHP Manual. It can
be a function name, or an array with a
class and the method that should be called. In the above example we create a
callback that terminates the application.
Through this configuration, the developer can handle
detected attacks: sending emails or alerts, creating a blacklist,
removing user access, ending the session, etc.
After processing the callback, the
component will **not** end the request;
ending the request is the responsibility of the
developer, using the function/method passed as callback.
**3) Enabling / Disabling**
[...]The enable parameter is used to enable or disable the execution of the IDS.
This parameter can directly receive a boolean value: true
for the IDS to run the check, or false not to run it.
Alternatively, it can
receive a valid callback that returns a boolean value. With this
configuration, the IDS can be activated for
only some requests,
based on the rules of the callback passed as parameter. See the
call_user_func function to learn more about valid callbacks.
**4) Next version 0.3**