Shieldon is a Web Application Firewall (WAF) for PHP. Taking less than 10 minutes only, PHP expert developers will understand how to implement Shiedon Firewall on their Web applications. The goal of this library is to make the PHP community more secure and being extremely use-to-use.
This is basic concepts about how Shieldon works.
- The network-layer firewall such as CloudFlare.
- The system-layer firewall such as iptables module.
- To use firewall software in the Web application layer, we are capable of implementing Shieldon in a very early stage of your APP, mostly just after Composer autoloader.
- Shieldon analyzes all your HTTP and HTTPS requests.
- Once Shieldon has detected strange behaviors of a request, Shieldon will temporarily ban them and prompt them CAPTCHA for them to unban.
- If a request fails in a row many times (depends on your setting), they will be permanently banned in current data circle.
- If a request has been permanently banned, but they still access your page, drop them in System-layer firewall - iptables.
- SEO friendly
- Http-type DDOS mitigation.
- Online session control.
- Cross-site scripting (XSS) protection.
- Interrupting vulnerability scanning.
- Eradicating brute force attacks.
- IP manager.
- Protecting pages via WWW-Authenticate.
- Detailed statistics and charts.
- Send notifications when specific events occurred. Supported modules:
- Line Notify
- Web UI for System firewall - iptables and ip6tables.
- More features will come...
Use PHP Composer:
composer require shieldon/shieldon
Or, download it and include the Shieldon autoloader.
Here are the guides of integrating with the popular PHP frameworks.
Shieldon provides a Firewall Instance, and it's visualization UI called Firewall Panel. By using Shieldon Firewall, you can easily implement it on your Web application.
Click here to view demo.
Only a few screenshots are listed below.
Online Session Stats
You can see the real-time data here if
Online Session Limit is enabled.
You can temporarily ban a user here.
Shieldon's Firewall Panel is fully responsive, and you can manage it when you are not in front of your computer, using your mobile phone at any time.
Temporarily Ban a User
When the users or robots are trying to view many your web pages in a short period of time, they will temporarily get banned. Get unbanned by solving a Catpcha.
Permanently Ban a User
When a user has been permanently banned.
Online Session Control
When a user has reached the online session limit.
Provided by Messenger library.
Send notification via Telegram API.
Shieldon library is brought to you by Terry L. from Taiwan.
Thank you very much for considering contributing to Shieldon Firewall, yet we need your help to translate our webiste, documentation and i18n files in Shieldon library. Here are the links:
Shieldon Firewall is an open-sourced software licensed under the MIT license.