First version of the ZeSecurity module.
Currently contains a wrapper for PHPIDS (modified to follow PSR-0 and removed require_once), ability to set up unlimited threat levels and to define new actions to handle attacks.
cosmin-harangus committed Jun 19, 2012
1 parent abf32c5 commit 0f7365e
Showing 410 changed files with 32,072 additions and 1 deletion.
5 changes: 5 additions & 0 deletions .htaccess
@@ -0,0 +1,5 @@
# in case PHPIDS is placed in the web-root
deny from all

# silence is golden
php_flag display_errors off
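Review bot: `deny from all` is the Apache 2.2 `mod_authz_host` syntax; on Apache 2.4 it only takes effect when `mod_access_compat` is loaded, so the protection this file is meant to give when the module sits under the web root can silently vanish. Add the 2.4 form (`Require all denied`) next to it inside `<IfModule>` blocks for both versions. Also note that `php_flag display_errors off` only works when PHP runs as mod_php, so the same setting should be enforced in php.ini or the application bootstrap rather than relied on here.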
30 changes: 30 additions & 0 deletions LICENSE
@@ -0,0 +1,30 @@
Copyright (c) 2012 to ZendExperts Team, see AUTHORS for more details.

Some rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.

* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided
with the distribution.

* The names of the contributors may not be used to endorse or
promote products derived from this software without specific
prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
82 changes: 82 additions & 0 deletions Module.php
@@ -0,0 +1,82 @@
<?php
/**
* This file is part of ZeSecurity
*
* (c) 2012 ZendExperts <team@zendexperts.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace ZeSecurity;

use Zend\ModuleManager\Feature\AutoloaderProviderInterface,
Zend\Mvc\MvcEvent,
IDS\MonitorFactory;

/**
* ZeSecurity Module class
* @package ZeSecurity
* @author Cosmin Harangus <cosmin@zendexperts.com>
*/
class Module implements AutoloaderProviderInterface
{
protected static $serviceManager = null;

public function onBootstrap(MvcEvent $event)
{
// Set the static service manager instance so we can use it everywhere in the module
$app = $event->getApplication();
self::$serviceManager = $app->getServiceManager();
$idsMonitor = self::$serviceManager->get('ZeSecurityIDS');

$idsMonitor->detect();
unset($idsMonitor);
}

/**
* Get Autoloader Config
* @return array
*/
public function getAutoloaderConfig()
{
return array(
'Zend\Loader\ClassMapAutoloader' => array(
__DIR__ . '/autoload/classmap.php',
),
'Zend\Loader\StandardAutoloader' => array(
'namespaces' => array(
__NAMESPACE__ => __DIR__ . '/src/' . __NAMESPACE__,
),
),
);
}

/**
* Get Service Configuration
* @return array
*/
public function getServiceConfiguration(){
return include __DIR__ . '/config/service.config.php';
}

/**
* Get Module Configuration
* @return mixed
*/
public function getConfig()
{
$config = include __DIR__ . '/config/module.config.php';
return $config;
}

/**
* Return the ServiceManager instance
* @static
* @return \Zend\ServiceManager\ServiceManager
*/
public static function getServiceManager()
{
return static::$serviceManager;
}

}
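Review bot: `onBootstrap` calls `$idsMonitor->detect()` unconditionally on every request with no configuration switch to turn the IDS off (for debugging, trusted routes or tests); read an `enabled` flag from the `zendexperts_security` config before calling `detect()`. The `use IDS\MonitorFactory` import is unused, since the factory is resolved through the service manager as `ZeSecurity\IDS\MonitorFactory` in config/service.config.php; drop it. Holding the service manager in the static `self::$serviceManager` and exposing it through `getServiceManager()` turns it into a global service locator for the whole module; prefer injecting what the actions need via the factory. The class declares only `AutoloaderProviderInterface` although it also provides `getConfig()` and `getServiceConfiguration()`; declaring the matching `Zend\ModuleManager\Feature` provider interfaces documents that contract, and `getServiceConfiguration(){` should get the brace-on-its-own-line formatting the other methods use.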
49 changes: 48 additions & 1 deletion README.md
@@ -1,4 +1,51 @@
ZeSecurity
==========

A ZF2 module that adds an out of the box security layer for your applications based on PHPIDS.
ZeSecurity is a Zend Framework 2 module that integrates a security layer in your
applications. It includes various components to manage security threats:

IDS - Powered by [PHP IDS (Intrusion Detection System)](https://phpids.org/):
-----------------------------------------------------------------------------

This component scans any user input, be it sent via POST, GET or COOKIE and tries to see if the
user input can be considered a threat. Any number of threat levels can be defined with various
actions for each one via the configuration file.

Using this component you can define multiple threat levels, what actions should be taken for each
level and also register new plugins for handling attacks.

Installation / Usage
====================

ZeSecurity can be installed using Composer by simply adding the following lines to your composer.json file:

"require": {
"ZendExperts/ZeSecurity": "1.0.*"
}

Then run `php composer.phar update`.

After the module is installed copy the "zesecurity.ids.global.php" file from "ZeSecurity/config/" in the "/config/autoload/" folder and
modify the paths to temp, log or cache files:

// define used paths by ZeSecurity IDS
$ids = array(
'log'=> __DIR__ . '/../../data/log/ze_security.ids.log',
'tmp'=> __DIR__ . '/../../data/tmp/',
'cache'=> __DIR__ . '/../../data/cache/ze_security.ids.cache'
);

In the same configuration file a default range of attack levels is defined with various actions for each one.

Feel free to change them per your needs or define new actions in the actions array. By default the following actions are defined:
- ignore: Do nothing with the attack report
- log: Save a log message in a stream, email, db, etc. depending on the writter factory param. Currently only stream/file and email are defined.
- notify: Send an email with the report using the options defined in the actions array for this action.
- redirect: Redirect to a specific URL.
- clean_session: Destroy the session to log out any users. When used along with redirect you can log out any users and redirect them to a specic page.

Documentation
=============
Comming soon.

In the meanwhile please be sure to check out the [PHP IDS (Intrusion Detection System)](https://phpids.org/) documentation.
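Review bot: the old one-line description (`A ZF2 module that adds an out of the box security layer for your applications based on PHPIDS.`) is kept as context directly above the new introduction, so the rendered README now opens with two overlapping intros; drop the old line. The action list says `log` and `notify` are defined by default, but config/module.config.php in this commit defines only `ignore`, `redirect` and `clean_session`, and its `levels` array is empty; either document where `log`/`notify` and the default levels are configured (the README points at `zesecurity.ids.global.php`, which is not among the files rendered here) or align the list with what ships. Spelling: `writter`, `specic`, `Comming`.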
8 changes: 8 additions & 0 deletions autoload/classmap.php
@@ -0,0 +1,8 @@
<?php
/**
* Generated Class-File Relation Config
*/
$prefix = dirname(__DIR__) . "";
return array(

);
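Review bot: `$prefix = dirname(__DIR__) . "";` is dead code (the concatenation adds nothing and `$prefix` is never used) and the returned map is empty, so the `Zend\Loader\ClassMapAutoloader` entry registered in Module.php currently contributes nothing; either regenerate the map with the module's classes or leave the file out until it does.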
12 changes: 12 additions & 0 deletions autoload/function.php
@@ -0,0 +1,12 @@
<?php
return function ($class) {
static $map;
if (!$map) {
$map = include __DIR__ . '/classmap.php';
}

if (!isset($map[$class])) {
return false;
}
return include $map[$class];
};
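Review bot: `if (!$map)` re-includes classmap.php on every autoload miss whenever the map is empty, because an empty array is falsy, and an empty map is exactly what this commit ships; test `$map === null` instead so the include happens once. `return include $map[$class];` also returns whatever the included file returns rather than a boolean; if the `return false` branch is meant to signal success or failure, return `true` explicitly after the include.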
2 changes: 2 additions & 0 deletions autoload/register.php
@@ -0,0 +1,2 @@
<?php
spl_autoload_register(include __DIR__ . '/function.php');
31 changes: 31 additions & 0 deletions composer.json
@@ -0,0 +1,31 @@
{
"name": "ZendExperts/ZeSecurity",
"type": "library",
"description": "ZeSecurity is a Zend Framework 2 module that adds an out of the box security layer for your applications based on PHPIDS(Intrusion Detection System)(https://phpids.org/).",
"keywords": ["module", "zf2", "security", "phpids"],
"homepage": "https://github.com/ZendExperts/ZeSecurity",
"license": "New BSD",
"authors": [
{
"name": "Cosmin Harangus",
"homepage": "http://www.zendexperts.com"
}
],
"require": {
"php": ">=5.3.3"
},
"autoload": {
"psr-0": {
"ZeSecurity": "src/",
"IDS_": "vendor/"
},
"classmap":[
"./"
]
},
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
}
}
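Review bot: `require` lists only `php`, yet Module.php depends on `Zend\ModuleManager` and `Zend\Mvc`, so installing the package with Composer as the README describes does not pull in Zend Framework 2; add the framework requirement. The `classmap` entry `"./"` scans the entire package root, including `vendor/` which the `IDS_` PSR-0 mapping already covers, so it is slow and duplicates entries; narrow it to the directories that need it or drop it. `"license": "New BSD"` should be the SPDX identifier `BSD-3-Clause`. The `IDS_` prefix mapping implies underscore-separated PEAR-style class names, while Module.php imports the namespaced `IDS\MonitorFactory`; confirm which form the modified PHPIDS actually uses so the autoloader can find it.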
72 changes: 72 additions & 0 deletions config/module.config.php
@@ -0,0 +1,72 @@
<?php
return array(
'zendexperts_security' => array(
'IDS'=>array(
'aggregate_in_session'=>true,
'levels' =>array(),
'actions' => array(
'ignore' => array(
'class' => 'ZeSecurity\IDS\Action\Ignore',
),
'redirect' => array(
'class' => 'ZeSecurity\IDS\Action\Redirect',
'options' => array(
'url'=>'/'
)
),
'clean_session' => array(
'class' => 'ZeSecurity\IDS\Action\CleanSession',
'options'=> array(
'send_expire_cookie' => true,
'clear_storage' => true,
),
)
),
'options'=>array(
'General'=>array(
'filter_type' => 'xml',
'filter_path' => __DIR__ . '/../vendor/IDS/default_filter.xml',
// 'base_path' => __DIR__ . '/../vendor/IDS/',
'use_base_path' => false,
// 'tmp_path' => __DIR__ . '/../../../data/tmp/',
'scan_keys' => false,
// in case you want to use a different HTMLPurifier source, specify it here
// By default, those files are used that are being shipped with PHPIDS
'HTML_Purifier_Path' => 'vendors/htmlpurifier/HTMLPurifier.auto.php',
'HTML_Purifier_Cache' => 'vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer',
// define which fields contain html and need preparation before hitting the PHPIDS rules(new in PHPIDS 0.5)
'html' => array(),
// define which fields contain JSON data and should be treated as such; for fewer false positives(new in PHPIDS 0.5.3)
'json' => array(),
// define which fields shouldn't be monitored (a[b]=c should be referenced via a.b)
// you can use regular expressions for wildcard exceptions - example: /.*foo/i
'exceptions' => array(
'GET.__utmz',
'GET.__utmc'
),
'min_php_version' => '5.1.6',
),
'Caching'=>array(
//caching: session|file|database|memcached|none
'caching' => 'none',
'expiration_time' => 600,
// 'path' => __DIR__ . '/../../../data/cache/ze_security.ids.cache',
// 'path' => 'tmp/default_filter.cache'
/**
; database cache
wrapper = "mysql:host=localhost;port=3306;dbname=phpids"
user = phpids_user
password = 123456
table = cache
; memcached
;host = localhost
;port = 11211
;key_prefix = PHPIDS
*/
),
)
)
),

);
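Review bot: the commented block inside `Caching` carries a sample database credential (`password = 123456`) copied from the PHPIDS ini file; remove it rather than ship example credentials in a file users are told to copy into `config/autoload/`. `HTML_Purifier_Path` and `HTML_Purifier_Cache` are relative paths under `vendors/htmlpurifier/...` while `filter_path` is absolute via `__DIR__ . '/../vendor/IDS/...'`, so the purifier paths resolve against the current working directory and also spell the directory `vendors` rather than `vendor`; make them absolute and consistent. `'min_php_version' => '5.1.6'` contradicts the `>=5.3.3` requirement in composer.json, which the namespaced code needs anyway. `'scan_keys' => false` leaves parameter names unscanned by the IDS; a short comment explaining that trade-off would help users who copy this file.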
6 changes: 6 additions & 0 deletions config/service.config.php
@@ -0,0 +1,6 @@
<?php
return array(
'factories' => array(
'ZeSecurityIDS' =>'ZeSecurity\IDS\MonitorFactory',
)
);
