Federico Cargnelutti

Simple is better than complex. Complex is better than complicated. | @fedecarg

Intrusion Detection For PHP Applications With PHPIDS

with 2 comments

This tutorial explains how to set up PHPIDS on a web server with Apache2 and PHP5. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.

Advertisement

Written by Federico

June 22, 2008 at 10:37 pm

Posted in PHP, Security, Tools

«
»

2 Responses

Subscribe to comments with RSS.

  1. Useful post, thanks for the pointer. I may have a bash at using this in an upcoming project.

    Adam Charnock

    June 22, 2008 at 11:00 pm

  2. [...] would help to demonstrate the power of this with a practical example of their usage: whilst reading this entry on PHPIDS I thought that seemed like a prime candidate for an example and so by following along [...]

    Ninjapenguin - Home page of Matthew Wells » Blog Archive » Practical Kohana Hooks example: PHPIDS

    June 29, 2008 at 10:12 am


Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

Please log in to WordPress.com to post a comment to your blog.

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 43 other followers