hongliang / defender
Defend your site from malicious scans
Installs: 120
Dependents: 0
Suggesters: 0
Security: 0
Stars: 3
Watchers: 3
Forks: 2
Open Issues: 0
Type:application
This package is not auto-updated.
Last update: 2024-12-20 12:43:48 UTC
README
Defender
Defend your site from malicious scans. It works with defense voters. Currently request URI keyword and IP range defense voters are supported.
Installation
Install via composer
composer require hongliang/defender
How it works
If you are running a Silex or Symfony application, the following code should be injected after the autoload but before the routers. Otherwise it will trigger an undefined route exception.
The simple way:
\Hongliang\Defender\Defender::defend();
The customized way:
use Hongliang\Defender\Defender; use Hongliang\Defender\Voter\IpRangeVoter; use Hongliang\Defender\Voter\UriKeywordVoter; $defender = new Defender(); $defender->addVoter(new IpRangeVoter()) ->addVoter(new UriKeywordVoter()) ->react();
Customize to your own needs:
use Hongliang\Defender\Defender; use Hongliang\Defender\Voter\IpRangeVoter; use Hongliang\Defender\Voter\UriKeywordVoter; use Hongliang\Defender\Voter\SpiderVoter; // it's possible to customize the level of reaction as the 2nd parameter of addVoter() // it's possible to set a URL to redirect to when the level is revenge or higher. By default it's localhost $defender = new Defender(); $defender->addVoter(new IpRangeVoter(), Defender::FORBIDDEN) ->addVoter(new UriKeywordVoter(), Defender::REVENGE) ->addVoter(new SpiderVoter(), Defender::DENY) ->setRedirectUrl('http://www.google.com') ->react();
More advanced use:
use Hongliang\Defender\Defender; use Hongliang\Defender\Voter\IpRangeVoter; use Hongliang\Defender\Voter\UriKeywordVoter; use Hongliang\Defender\Voter\SpiderVoter; $voter = new UriKeywordVoter(); $voter->setAssets(['fckedit', '/wp-']); $ipVoter = new IpRangeVoter(); $ipVoter->setAssets([['0.0.0.0', '255.255.255.255']]); $spiderVoter = new SpiderVoter(); $spiderVoter->setAssets(['Baiduspider', '360spider']); $defender = new Defender(); $defender->addVoter($ipVoter, Defender::FORBIDDEN) ->addVoter($voter, Defender::DENY) ->addVoter($spiderVoter, Defender::DENY) ->react();
TODO
- Separate IP ranges into separate file or even external resource
- Build IP ranges into long integer for better performance
- Support logging and log everything that's above the normal level
- Separate URI keywords into categories, e.g. Wordpress, Joomla. This way it's possible to be used in those CMSes.