
PHP Intrusion Detection System: PHPIDS

程序员文章站 2022-04-22 17:54:31

PHP5.1.2 or better

Apache

mod_rewrite

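Installation steps:

1. Download PHPIDS: https://phpids.org/downloads/

2. Extract PHPIDS to the website root directory.

3. If it cannot be extracted to the root directory, mod_rewrite can be used. The rules below return 403 Forbidden for any request URI that starts with /phpids: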

RewriteEngine On
RewriteCond %{REQUEST_URI} ^/phpids(.*)
RewriteRule ^(.+)$ - [F]

Configuration and usage:

1. Edit config/config.ini.php to customize the configuration.

[General] 
    filter_type = xml 
    use_base_path = false 
    filter_path = default_filter.xml 
    tmp_path  = tmp 
    scan_keys  = false 
    HTML_Purifier_Path = IDS/vendors/htmlpurifier/HTMLPurifier.auto.php 
    HTML_Purifier_Cache = IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer 
    html[] = __wysiwyg 
    json[]  = __jsondata 
    exceptions[]  = __utmz 
    exceptions[] = __utmc 
    min_php_version = 5.1.2 
[Logging] 
    path = tmp/phpids_log.txt 
    recipients[] = me@domain.com 
    subject = "PHPIDS detected an intrusion attempt!"
    header = "From: <PHPIDS> noreply@domain.com"
    envelope = ""
    safemode = true 
    allowed_rate = 15 

[Caching] 
    caching = file 
    expiration_time = 600 
    path = tmp/default_filter.cache

2. Enable PHPIDS. The PHPIDS loading script can be written to a separate PHP file and then loaded automatically through the auto_prepend_file option in php.ini.

ids.php

<?php

// Set the include path properly for PHPIDS
set_include_path(
    get_include_path()
    . PATH_SEPARATOR
    . 'phpids/lib/'
);

if (!session_id()) {
    session_start();
}

require_once 'IDS/Init.php';

try {
    // Request data that PHPIDS should inspect
    $request = array(
        'REQUEST' => $_REQUEST,
        'GET' => $_GET,
        'POST' => $_POST,
        'COOKIE' => $_COOKIE
    );
    $init = IDS_Init::init(dirname(__FILE__) . '/phpids/lib/IDS/Config/Config.ini.php');
    // Resolve the relative paths in the config against the PHPIDS library directory
    $init->config['General']['base_path'] = dirname(__FILE__) . '/phpids/lib/IDS/';
    $init->config['General']['use_base_path'] = true;
    $init->config['Caching']['caching'] = 'file';
    $ids = new IDS_Monitor($request, $init);
    $result = $ids->run();
    if (!$result->isEmpty()) {
        // Something was detected: hand the report to the e-mail and file loggers
        require_once 'IDS/Log/File.php';
        require_once 'IDS/Log/Email.php';
        require_once 'IDS/Log/Composite.php';
        $compositeLog = new IDS_Log_Composite();
        $compositeLog->addLogger(IDS_Log_Email::getInstance($init), IDS_Log_File::getInstance($init));
        $compositeLog->execute($result);
    }
} catch (Exception $e) {
    // This shouldn't happen, and if it does you don't want the notification public.
}
?>

3. Edit php.ini and add the following:

auto_prepend_file = /full/path/to/ids.php
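
A deployment check for the setup above, added here as an example (it is not code from the original page or from the PHPIDS project): it reads the path settings from the config in step 1 and reports which write targets (tmp directory, log file, filter cache) resolve inside the web root, where only the mod_rewrite rule keeps them from being served. The web root /var/www/html, the function names, and the way values are joined to base_path (including taking an absolute value as-is) are assumptions of this example.

```python
import configparser
import posixpath

# Constructed sample: the path settings from the config.ini.php shown above.
SAMPLE_CONFIG = """
[General]
    tmp_path = tmp
    exceptions[] = __utmz
    exceptions[] = __utmc
[Logging]
    path = tmp/phpids_log.txt
[Caching]
    path = tmp/default_filter.cache
"""

# Settings that name files or directories PHPIDS writes to.
WRITE_TARGETS = [("General", "tmp_path"), ("Logging", "path"), ("Caching", "path")]


def resolve(base_path, value):
    """Join a config value to base_path (assumed handling of use_base_path = true)."""
    return posixpath.normpath(posixpath.join(base_path, value.strip().strip('"')))


def is_inside(path, root):
    """True if the normalised path is root itself or lies beneath it."""
    root = posixpath.normpath(root)
    return path == root or path.startswith(root.rstrip("/") + "/")


def audit(config_text, base_path, doc_root):
    """Return (setting, resolved path) for each write target under doc_root."""
    # strict=False because PHPIDS repeats keys such as exceptions[].
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    parser.read_string(config_text)
    exposed = []
    for section, key in WRITE_TARGETS:
        if parser.has_option(section, key):
            full = resolve(base_path, parser.get(section, key))
            if is_inside(full, doc_root):
                exposed.append((section + "." + key, full))
    return exposed


if __name__ == "__main__":
    # Assumed layout: PHPIDS unpacked below the web root /var/www/html.
    base = "/var/www/html/phpids/lib/IDS/"
    for name, path in audit(SAMPLE_CONFIG, base, "/var/www/html"):
        print("inside web root:", name, "->", path)
```

With the library directory (or these three paths) located outside the web root, audit() returns an empty list.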