I think it would be a nice feature to have a rules event that occurs when an intrusion is detected. So once could easily configure custom reactions, like blocking the user or informing the admin.

Rules dev docs can be found here: http://drupal.org/node/298486

Comments

it-cru’s picture

it-cru
Primary language English
Location Munich
commented
Version: 6.x-1.x-dev » 6.x-1.8
Assigned: Unassigned » it-cru

Hello fago,

informing the admin is also integrated in version 1.8 and before. You only have to define the "Mail impact" and "EMail" under admin -> settings -> logging -> phpids. Then PHPIDS sent out an email if detected impact level is equal or higher than "Mail impact" value.

Blocking a penetrant user I have on my todo list. But it would be not be realized in version phpids-6.x-1.9.

I hope this information helps you?

greetz Gos77

it-cru’s picture

it-cru
Primary language English
Location Munich
commented
Version: 6.x-1.8 » 6.x-1.x-dev
Status: Active » Needs work
patrickd’s picture

patrickd commented
Status: Needs work » Closed (won't fix)

Full rules integration is a planned feature for 7.x-2.x, see appropriate task