Difference between #1 and #2 of
More security in your applications with Yii and PHPIDS

Revision #2 has been created by Gustavo on Jan 27, 2011, 2:17:08 PM with the memo:

More security in your applications

Title changed

More security in your applications with Yii and PHPIDS [automatic translation]

Category unchanged


Yii version unchanged

Tags unchanged

phpids, security

Content changed

PHPIDS is a well-known project that can be found at [php-ids.org](http://php-ids.org "php-ids.org").

PHPIDS is an intrusion detection system, essentially based on
The PHPIDS project was encapsulated in the form of a Yii application component and can be downloaded at [http://www.yiiframework.com/extension/phpids](http://www.yiiframework.com/extension/phpids/ "http://www.yiiframework.com/extension/phpids") along with its instructions for installation and use. This how-to shows its installation and, in more detail, some

This component was tested on Yii versions 1.1.5 and 1.1.4 with PHP 5.2.

Unzip the file into .../webapp/protected/components/ids

Make the directory .../components/ids/IDS/tmp writable

Update your .../protected/config/main.php

Add the component 'ids' to the preload index of your application config. In components, add the 'ids' entry and its settings. The file above is the minimum for the operation of 'ids'. All application forms will be filtered by PHPIDS: the variables $_REQUEST, $_GET, $_POST and $_COOKIE are checked against the attack types reported in the IDS detection rules. If a potential attack is detected, the application is stopped before the request is processed: an exception is thrown with a generic error message that gives no details to the attacker, and a detailed log is generated.

This log is generated by the Yii log application component, so a
We can go further in the configuration. A simple detail is the message that is sent to the attacker:

The goal is that this message does not give details about the attack, nor inform the attacker that his attack was detected, because the treatment is given internally by the application: sending emails, alerting, or simply blocking the user. This message does not enter the log; the details of the attack are generated and sent to the logging component.

**2) Reacting to the attack:**
The callback parameter receives a valid callback; see the call_user_func function in the PHP Manual. It can be a function, or a class and the method that should be called. In the above example we create a simple function that prints an error and terminates the application. Through this configuration the developer can handle detected attacks in the most suitable way: sending emails, alerts, creating a black list, removing user access, ending the session, etc. During the processing of the callback the component's default exception will **not** be triggered, so ending the request is the responsibility of the developer, using the function / method passed as callback.

**3) Enabling / Disabling**
The enable parameter is used to enable or disable the execution of the IDS.

This parameter can directly receive a boolean value: true to run the check, or false not to run it. It can also receive a valid callback that should return a boolean value. With this, the IDS check can be activated only in the requests you want, based on the rules of the callback passed as parameter. See the call_user_func function to learn more about valid callbacks.
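A complete configuration that ties sections 1 to 3 together (the preload entry, the `enable` callback and the `callback` handler), written here as an added example rather than taken from the article or the extension. The component class alias `application.components.ids.PhpIds` and the `IdsHandler` class are assumptions; the parameter names `enable` and `callback` are the ones described above.

```php
<?php
// protected/config/main.php (fragment). Added example, not the article's own file.
// ASSUMPTION: 'application.components.ids.PhpIds' is a placeholder alias; use the
// class name shipped with the extension. IdsHandler is kept in this file for
// brevity; normally it would live in protected/components/IdsHandler.php.
class IdsHandler
{
    // Example rule for 'enable': a valid callback returning a boolean.
    // Here the check is skipped only for requests from the local machine.
    public static function shouldRun()
    {
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        return !in_array($ip, array('127.0.0.1', '::1'));
    }

    // Example 'callback': the component has already written the detailed log,
    // so the user only gets a generic message and loses the session. The
    // component's default exception is NOT thrown once a callback is set, so
    // this method must end the request itself.
    public static function onAttack()
    {
        Yii::log('PHPIDS callback fired, session terminated', 'warning', 'ids');
        Yii::app()->user->logout();
        throw new CHttpException(400, 'Your request could not be processed.');
    }
}

return array(
    // Preload 'ids' so the check runs before any controller sees the request.
    'preload' => array('log', 'ids'),
    'components' => array(
        'log' => array(
            'class' => 'CLogRouter',
            'routes' => array(
                // Attack details go to the application log, never to the user.
                array('class' => 'CFileLogRoute', 'levels' => 'warning, error'),
            ),
        ),
        'ids' => array(
            'class' => 'application.components.ids.PhpIds', // placeholder alias
            // Boolean or valid callback (see call_user_func) deciding per request.
            'enable' => array('IdsHandler', 'shouldRun'),
            // Valid callback invoked when an attack is detected.
            'callback' => array('IdsHandler', 'onAttack'),
        ),
    ),
);
```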

**4) Next version 0.3**
Version: 1.1
Category: How-tos
Written by: Rafael Garcia
Last updated by: Gustavo
Created on: Jan 16, 2011
Last updated: 7 years ago