Shieldon is a Web Application Firewall (WAF) for PHP. Taking less than 10 minutes only, PHP expert developers will understand how to implement Shiedon Firewall on their Web applications. The goal of this library is to make the PHP community more secure and being extremely easy-to-use.
- Website: https://shieldon.io
- GitHub Repository: https://github.com/terrylinooo/shieldon
- Changelog
This is basic concepts about how Shieldon works.
- The network-layer firewall such as CloudFlare.
- The system-layer firewall such as iptables module.
- To use firewall software in the Web application layer, we are capable of implementing Shieldon in a very early stage of your APP, mostly just after Composer autoloader.
- Shieldon analyzes all your HTTP and HTTPS requests.
- Once Shieldon has detected strange behaviors of a request, Shieldon will temporarily ban them and prompt them CAPTCHA for them to unban.
- If a request fails in a row many times (depends on your setting), they will be permanently banned in current data circle.
- If a request has been permanently banned, but they still access your page, drop them in System-layer firewall - iptables.
- SEO friendly
- Http-type DDOS mitigation.
- Anti-scraping.
- Online session control.
- Cross-site scripting (XSS) protection.
- Interrupting vulnerability scanning.
- Eradicating brute force attacks.
- IP manager.
- Protecting pages via WWW-Authenticate.
- Detailed statistics and charts.
- Send notifications when specific events occurred. Supported modules:
- Telegram
- Line Notify
- Rocket Chat
- Slack
- SendGrid
- Mailgun
- Mail (Using Native PHP mail function.)
- SMTP
- Web UI for System firewall - iptables and ip6tables.
Use PHP Composer:
composer require shieldon/shieldonOr, download it and include the Shieldon autoloader.
require 'Shieldon/autoload.php';Here are the guides of integrating with the popular PHP frameworks.
Shieldon provides a Firewall Instance, and it's visualization UI called Firewall Panel. By using Shieldon Firewall, you can easily implement it on your Web application.
Click here to view demo.
- user:
demo - password:
demo
Only a few screenshots are listed below.
You can see the real-time data here if Online Session Limit is enabled.
You can temporarily ban a user here.
Shieldon's Firewall Panel is fully responsive, and you can manage it when you are not in front of your computer, using your mobile phone at any time.
When the users or robots are trying to view many your web pages in a short period of time, they will temporarily get banned. Get unbanned by solving a Catpcha.
When a user has been permanently banned.
When a user has reached the online session limit.
Provided by Messenger library.
Send notification via Telegram API.
Welcome to contribute your idea to this project. Before sending your pull request, please make sure everything is tested well without errors.
- MySQL or MariaDB installed.
- Redis installed. (Also require PHP extension
php_redis)
-
Run
composer updateto install required libraries.composer update
-
Create a writable folder
tmp. (same level withsrcfolder.) for temporary testing files.mkdir tmp chmod 777 tmp
-
Create a MySQL database
shieldon_unittestmysql -u root -e 'CREATE DATABASE shieldon_unittest;' -
Create a user
shieldon'@'localhostwith passwordtaiwan.mysql -u root -e "CREATE USER 'shieldon'@'localhost' IDENTIFIED BY 'taiwan';" -
Grant database permissions on
shieldon_unittesttoshieldon'@'localhost.mysql -u root -e "GRANT ALL ON shieldon_unittest.* TO 'shieldon'@'localhost';"
composer testThank you very much for considering contributing to Shieldon Firewall, yet we need your help to translate our webiste, documentation and i18n files in Shieldon library. Here are the links:
Shieldon library is brought to you by Terry L. from Taiwan.
Shieldon Firewall is an open-sourced software licensed under the MIT license.