PHP Web Application Firewall
Build | License |
---|---|
- PHP >= 7.0
If Composer is not installed on your system yet, you may go ahead and install it using this command line:
$ curl -sS https://getcomposer.org/installer | php
Next, add the following require entry to the composer.json
file in the root of your project.
{
"require" : {
"riverside/php-waf" : "*"
}
}
Finally, use Composer to install php-waf and its dependencies:
$ php composer.phar install
- Configure your web server
- Apache
php_value auto_prepend_file "/path/to/waf.php"
- Nginx
fastcgi_param PHP_VALUE "auto_prepend_file=/path/to/waf.php";
- Create an Firewall instance
- waf.php
<?php $waf = new \PhpWaf\Firewall(); $waf->run();
Filter | Description |
---|---|
SQL | SQL Injection |
CRLF | CRLF Injection |
XSS | Cross-site Scripting |
XML | XML Attacks |