PHP入侵检测系统—PHPIDS
程序员文章站
2022-04-22 17:54:31
PHP5.1.2 or better
Apache
mod_rewrite
安装步骤:
1、下载phpids https://phpids.org/downl...
PHP5.1.2 or better
Apache
mod_rewrite
安装步骤:
1、下载phpids https://phpids.org/downloads/
2、解压phpids至网站根目录
3、如果无法解压至根目录可使用mod_rewrite
RewriteEngine On RewriteCond %{REQUEST_URI} ^/phpids(.*) RewriteRule ^(.+)$ – [F]
配置使用:
1、编辑config/config.ini.php自定义配置。
[General] filter_type = xml use_base_path = false filter_path = default_filter.xml tmp_path = tmp scan_keys = false HTML_Purifier_Path = IDS/vendors/htmlpurifier/HTMLPurifier.auto.php HTML_Purifier_Cache = IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer html[] = __wysiwyg json[] = __jsondata exceptions[] = __utmz exceptions[] = __utmc min_php_version = 5.1.2 [Logging] path = tmp/phpids_log.txt recipients[] = me@domain.com subject = “PHPIDS detected an intrusion attempt!” header = “From: <PHPIDS> noreply@domain.com” envelope = “” safemode = true allowed_rate = 15 [Caching] caching = file expiration_time = 600 path = tmp/default_filter.cache
2、启用phpids,可以将phpids的加载脚本写入一个单独的php文件,然后通过php.ini中的auto_prepend_file选项自动加载。
ids.php
<?php // set the include path properly for PHPIDS set_include_path( get_include_path() . PATH_SEPARATOR . ‘phpids/lib/’ ); if (!session_id()) { session_start(); } require_once ‘IDS/Init.php’; try { $request = array( ‘REQUEST’ => $_REQUEST, ‘GET’ => $_GET, ‘POST’ => $_POST, ‘COOKIE’ => $_COOKIE ); $init = IDS_Init::init(dirname(__FILE__) . ‘/phpids/lib/IDS/Config/Config.ini.php’); $f=$init->config['General']['base_path'] = dirname(__FILE__) . ‘/phpids/lib/IDS/’; echo $f; $init->config['General']['use_base_path'] = true; $init->config['Caching']['caching'] = ‘file’; $ids = new IDS_Monitor($request, $init); $result = $ids->run(); if (!$result->isEmpty()) { require_once ‘IDS/Log/File.php’; require_once ‘IDS/Log/Email.php’; require_once ‘IDS/Log/Composite.php’; $compositeLog = new IDS_Log_Composite(); $compositeLog->addLogger(IDS_Log_Email::getInstance($init),IDS_Log_File::getInstance($init)); $compositeLog->execute($result); } } catch (Exception $e) { //this shouldn’t happen and if it does you don’t want the notification public. } ?>
2、编辑php.ini,加入以下内容:
auto_prepend_file /full/path/to/ids.php
下一篇: 痕若无缘伤梦堤,但看醉离写魂征