Shieldon一个PHP库用于为Web程序提供反爬和在线会话控制功能

Shieldon一个PHP库用于为Web程序提供反爬和在线会话控制功能

Shieldon is a Web APPlication Firewall (WAF) for PHP. Taking less than 10 minutes only, PHP expert developers will understand how to implement Shiedon Firewall on their Web applications. The goal of this library is to make the PHP community more secure and being extremely easy-to-use.

Website: https://shieldon.ioGitHub repository: https://github.com/terrylinooo/shieldonWordPress plugin: https://wordpress.org/plugins/wp-shieldon/

Concepts

This is basic concepts about how Shieldon works.

The network-layer firewall such as CloudFlare.The system-layer firewall such as iptables module.To use firewall software in the Web application layer, we are capable of implementing Shieldon in a very early stage of your APP, mostly just after Composer autoloader.Shieldon analyzes all your HTTP and HTTPS requests.Once Shieldon has detected strange behaviors of a request, Shieldon will temporarily ban them and prompt them CAPTCHA for them to unban.If a request fails in a row many times (depends on your setting), they will be permanently banned in current data circle.If a request has been permanently banned, but they still access your page, drop them in System-layer firewall - iptables.

Features

SEO friendlyHttp-type DDOS mitigation.Anti-scraping.Online session control.Cross-site scripting (XSS) protection.Interrupting vulnerability scanning.Eradicating brute force attacks.IP manager.Protecting pages via WWW-Authenticate.Detailed statistics and charts.Send notifications when specific events occurred. Supported modules: TelegramLine NotifyRocket ChatSlackSendGridMailgunMail (Using Native PHP mail function.)SMTP Web UI for System firewall - iptables and ip6tables.

Installation

Use PHP Composer:

composer require shieldon/shieldon

Or, download it and include the Shieldon autoloader.

require 'Shieldon/autoload.php';

Implementing

Here are the guides of integrating with the popular PHP frameworks.

LaravelSymfonyCodeIgniterCakePHPYiiZendSlimFat-FreeFuelPHPixie

Firewall Panel

Shieldon provides a Firewall Instance, and it's visualization UI called Firewall Panel. By using Shieldon Firewall, you can easily implement it on your Web application.

Click here to view demo.

user: demopassword: demo

Screenshots

Only a few screenshots are listed below.

Firewall Panel

Captcha Stats

Online Session Stats

You can see the real-time data here if Online Session Limit is enabled.

Rule Table

You can temporarily ban a user here.

Responsive

Shieldon's Firewall Panel is fully responsive, and you can manage it when you are not in front of your computer, using your mobile phone at any time.

Dialog

Temporarily Ban a User

When the users or robots are trying to view many your web pages in a short period of time, they will temporarily get banned. Get unbanned by solving a Catpcha.

Permanently Ban a User

When a user has been permanently banned.

Online Session Control

When a user has reached the online session limit.

Notification

Provided by Messenger library.

Send notification via Telegram API.

Contributing

Core Function

Welcome to contribute your idea to this project. Before sending your pull request, please make sure everything is tested well without errors.

Requirements

MySQL or MariaDB installed.Redis installed. (Also require PHP extension php_redis)

Steps

Run composer update to install required libraries.composer update Create a writable folder tmp. (same level with src folder.) for temporary testing files.mkdir tmpchmod 777 tmp Create a MySQL database shieldon_unittestmysql -u root -e 'CREATE DATABASE shieldon_unittest;' Create a user shieldon'@'localhost with password taiwan.mysql -u root -e "CREATE USER 'shieldon'@'localhost' IDENTIFIED BY 'taiwan';" Grant database permissions on shieldon_unittest to shieldon'@'localhost.mysql -u root -e "GRANT ALL ON shieldon_unittest.* TO 'shieldon'@'localhost';"

Run test

composer test

Help with Transation

Thank you very much for considering contributing to Shieldon Firewall, yet we need your help to translate our webiste, documentation and i18n files in Shieldon library. Here are the links:

WebsiteDocumentationi18n files in Shieldon library

Author

Shieldon library is brought to you by Terry L. from Taiwan.

License

Shieldon Firewall is an open-sourced software licensed under the MIT license.

Changelog

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。