PHPIDS. Security for php applications.

PHPIDS (PHP-Intrusion Detection System) is a security layer designed to detect malicious attacks on your application by applying a numerical rating to user input which you can handle any way you want to. It doesn't filter or sanitise any input because that isn't its job.

PHPIDS current detects attacks through XSS, SQL Injection, header injection, directory traversal, RFE/LFI, DoS and LDAP and covers several charsets like UTF-7 and special entities.

To install you just download and unpack it into a folder. It's easy to run:

set_include_path(
get_include_path()
. PATH_SEPARATOR
. 'path/to/phpids/lib'
);

require_once 'IDS/Init.php';
$request = array(
'REQUEST' => $_REQUEST,
'GET' => $_GET,
'POST' => $_POST,
'COOKIE' => $_COOKIE
);
$init = IDS_Init::init('IDS/Config/Config.ini');
$ids = new IDS_Monitor($request, $init);
$result = $ids->run();

if (!$result->isEmpty()) {
// Take a look at the result object
echo $result;
}

And like many good software projects, it's open source!

• Slashdot it!
• Digg it:
  
• Del.icio.us