PHP Web Application Firewall
| Build | License |
|---|---|
 |
- PHP >= 7.0
If Composer is not installed on your system yet, you may go ahead and install it using this command line:
$ curl -sS https://getcomposer.org/installer | php
Next, add the following require entry to the composer.json file in the root of your project.
{
"require" : {
"riverside/php-waf" : "*"
}
}Finally, use Composer to install php-waf and its dependencies:
$ php composer.phar install
- Configure your web server
- Apache
php_value auto_prepend_file "/path/to/waf.php"- Nginx
fastcgi_param PHP_VALUE "auto_prepend_file=/path/to/waf.php"; - Create an Firewall instance
- waf.php
<?php $waf = new \PhpWaf\Firewall(); $waf->run();
| Filter | Description |
|---|---|
| SQL | SQL Injection |
| CRLF | CRLF Injection |
| XSS | Cross-site Scripting |
| XML | XML Attacks |