19/09
2017
dev-master
9999999-dev
MIT
The Requires
The Development Requires
by Lukas Hrdlicka
Wallogit.com
2017 © Pedro Peláez
library firewall
karster/firewall
- Tuesday, September 19, 2017
- by karster
- Repository
- 1 Watchers
- 0 Stars
- 0 Installations
- PHP
- 0 Dependents
- 0 Suggesters
- 1 Forks
- 0 Open issues
- 1 Versions
- 0 % Grown
The README.md
Firewall
, (*1)
Simple firewall to protect your web application against many attacks, (*2)
Installation
The preferred way to install this extension is through composer., (*3)
Either run, (*4)
composer require karster/firewall:"dev-master"
or add, (*5)
"karster/firewall": "dev-master"
to the require section of your composer.json., (*6)
Usage
require __DIR__ . '/vendor/autoload.php';
$config = [
'logDirectory' => __DIR__ . "/firewall_logs",
'logFilesCount' => 10,
'allowAttackCount' => 5,
'active' => true,
'protection' => [
'allowedRequestMethod' => [
'active' => true
],
'allowedGlobals' => [
'active' => false
],
'urlLength' => [
'active' => true,
'rules' => 200,
],
'getProtection' => [
'active' => true,
'rules' => ['select', 'from'],
],
'urlProtection' => [
'active' => true,
'rulesFile' => 'path/to/rulesFile.json'
],
'whitelistIp' => [
'active' => true,
'rules' => ['127.0.0.1', '::1']
],
'blacklistIp' => [
'active' => true,
'rules' => ['23.254.0.1', '22.23.22.8']
]
]
];
$firewall = new \karster\security\Firewall($config);
$firewall->run();
or, (*7)
require __DIR__ . '/vendor/autoload.php';
$protections = [
'allowedRequestMethod' => [
'active' => true
],
'allowedGlobals' => [
'active' => false
],
'urlLength' => [
'active' => true,
'rules' => 200,
],
'getProtection' => [
'active' => true,
'rules' => ['select', 'from'],
],
'urlProtection' => [
'active' => true,
'rulesFile' => 'path/to/rulesFile.json'
],
'whitelistIp' => [
'active' => true,
'rules' => ['127.0.0.1', '::1']
],
'blacklistIp' => [
'active' => true,
'rules' => ['23.254.0.1', '22.23.22.8']
]
];
$firewall = new \karster\security\Firewall();
$firewall->setAllowAttackCount(5)
->setActive(true)
->setLogDirectory(__DIR__ . "/firewall_logs")
->setLogFilesCount(10)
->setProtection($protections)
->run();
- logDirectory -
string- path to directory where firewall can writes - logFilesCount -
integer- delete older logs than specific count. Set0to disable - allowAttackCount -
integer- attack count from same IP address before blacklisting (logDirectory is required). Set0to disable - active -
boolean- defaulttrue - protection -
array- associative array of protections where key is protection name and value is protection configuration
Protections
We can chose different types of protection: * allowedRequestMethod * allowedGlobals * blacklistIp * cookieProtection * getProtection * postProtection * sessionProtection * urlLength * urlProtection, (*8)
Every protection contains configuration array with parameters:
* active boolen - default true
* rules array|integer - every protection accept array except urlLength protection witch accept integer
* rulesFile string - path to json file with rules, (*9)
'cookieProtection' => [
'active' => true,
'rules' => [
'select', 'from', 'where'
],
// or
'rulesFile' => 'path/to/rulesFile.json'
]
If isn't set rules or rulesFile use default rules., (*10)
Tests
./vendor/bin/phpunit -c phpunit.xml
Contribution
Have an idea? Found a bug? See how to contribute., (*11)
License
MIT see LICENSE for the full license text., (*12)