Intruder alert

PHP is often derided as insecure. Most frequently, however, the weakness lies not in the language itself but in poor programming techniques by amateur coders who are unfamiliar with the myriad security practices that a defensive programming approach should employ.

The Internet is a hive of nefarious activities by individuals looking to cause mischief or hijack websites for criminal purposes. Attack vectors are constantly evolving and can be so convoluted in their complexity that mere mortals would struggle to understand them.

Wouldn’t it be nice if somebody else stayed on top of things and could take the responsibility of scanning user input off your hands?

Enter PHPIDS, the PHP-Intrusion Detection System. This security layer is very fast and simple to use. A set of tested and approved filter rules is applied to detect a potential attack, and a numerical severity rating is returned that allows you to react accordingly.

New filters are released every now and again in response to newly discovered attack methods, so keeping PHPIDS up-to-date can involve a bit of manual effort. Again, wouldn’t it be nice if someone could keep an eye on this for you as well?

Stick my shell script into a daily cron job, set PHP to automatically prepend PHPIDS to your scripts, and you’re all set.
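As an added illustration (not the author's shell script and not code from the PHPIDS project), here is one way a prepended file could act on the severity rating. It assumes the PHPIDS 0.x classes `IDS_Init` and `IDS_Monitor`; the file name, install paths, config file location and both thresholds are assumptions to adjust for your own setup.

```php
<?php
// phpids_guard.php (hypothetical name). Load it before every script via php.ini:
//   auto_prepend_file = /var/www/security/phpids_guard.php
// All paths below are assumed install locations, not PHPIDS defaults.
set_include_path(get_include_path() . PATH_SEPARATOR . '/var/www/security/phpids/lib');
require_once 'IDS/Init.php';

// Assumed thresholds: run in log-only mode first and tune against real traffic.
define('GUARD_LOG_IMPACT', 1);
define('GUARD_BLOCK_IMPACT', 25);

try {
    $init    = IDS_Init::init('/var/www/security/phpids/lib/IDS/Config/Config.ini.php');
    $request = array('GET' => $_GET, 'POST' => $_POST, 'COOKIE' => $_COOKIE);
    $monitor = new IDS_Monitor($request, $init);
    $report  = $monitor->run();
} catch (Exception $e) {
    // This example fails open so a broken rule update cannot take the site down,
    // but it logs the failure so it gets noticed.
    error_log('PHPIDS guard could not run: ' . $e->getMessage());
    return;
}

if ($report->isEmpty()) {
    return; // nothing matched, hand over to the requested script
}

$impact = $report->getImpact();
$client = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'cli';

if ($impact >= GUARD_LOG_IMPACT) {
    foreach ($report as $event) {
        // Log the field name, impact and tags only. The raw value is left out
        // because a flagged field may be a password or session token.
        error_log(sprintf(
            'PHPIDS client=%s field=%s impact=%d tags=%s total=%d',
            $client,
            $event->getName(),
            $event->getImpact(),
            implode(',', $event->getTags()),
            $impact
        ));
    }
}

if ($impact >= GUARD_BLOCK_IMPACT) {
    header('HTTP/1.1 403 Forbidden');
    exit('Request rejected.');
}
```

Low-impact matches are often false positives from ordinary form input, which is why this sketch logs well below the level at which it blocks.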

  • http://nevstokes.com Nev

    Thanks for that Christian.

  • http://www.web-punk.com/ Christian

    Just in case you are using Zend Framework and would like to integrate PHP-IDS: I’ve published a useful open-source Plugin for ZF that enables you to easily integrate PHP-IDS in your ZF apps.

    You may download it from Google Code: http://code.google.com/p/zids/

    Bye
    Christian