riverside / php-waf
PHP Web Application Firewall
Fund package maintenance!
www.paypal.me/Dimitar81
Requires
- php: >=7.0
Requires (Dev)
This package is auto-updated.
Last update: 2024-12-07 20:44:29 UTC
README
PHP Web Application Firewall
Requirements
- PHP >= 7.0
Installation
If Composer is not installed on your system yet, you may go ahead and install it using this command line:
$ curl -sS https://getcomposer.org/installer | php
Next, add the following require entry to the composer.json
file in the root of your project.
{ "require" : { "riverside/php-waf" : "^2.0" } }
Finally, use Composer to install php-waf and its dependencies:
$ php composer.phar install
How to use
- Configure your web server
- Apache
php_value auto_prepend_file "/path/to/waf.php"
- Nginx
fastcgi_param PHP_VALUE "auto_prepend_file=/path/to/waf.php";
- Create an Firewall instance
- waf.php
<?php $waf = new \Riverside\Waf\Firewall(); $waf->run();
Available filters
Migration Guide to Version 2.0.0
What's changed
In version 2.0.0, I have made the following updates to improve consistency and adherence to PHP best practices:
- Namespace renamed
- Old namespace:
PhpWaf
- New namespace:
Riverside\Waf
- Old namespace:
- Class names renamed
- Old names:
src/Filter/CRLF.php
(ClassCRLF
)src/Filter/SQL.php
(ClassSQL
)src/Filter/XML.php
(ClassXML
)src/Filter/XSS.php
(ClassXSS
)src/BaseFilter.php
(ClassBaseFilter
)
- New names:
src/Filter/Crlf.php
(ClassCrlf
)src/Filter/Sql.php
(ClassSql
)src/Filter/Xml.php
(ClassXml
)src/Filter/Xss.php
(ClassXss
)src/AbstractFilter.php
(ClassAbstractFilter
)
- Old names:
How to update your codebase
- Update class imports:
- Old way:
use PhpWaf\Firewall;
use PhpWaf\Filter\CRLF;
use PhpWaf\Filter\SQL;
use PhpWaf\Filter\XML;
use PhpWaf\Filter\XSS;
- New way:
use Riverside\Waf\Firewall;
use Riverside\Waf\Filter\Crlf;
use Riverside\Waf\Filter\Sql;
use Riverside\Waf\Filter\Xml;
use Riverside\Waf\Filter\Xss;
- Old way: