Download & Extend

PHPIDS

Posted by IT-Cru on July 10, 2007 at 10:26pm

2010-Aug-10 PHPIDS-7.x-1.0-dev tested & works for D7 alpha6 now

#D7CX: The goal is to deprecate this module on the day that Drupal 7 is released. Please review the new PHPIDS module branch there to help us achieve this goal.

PHPIDS module adds a security layer based on http://phpids.org and is interesting if you want to know how and when (anonymous) users try to break your site by logging their attacks. It can send a mail and/or redirect the (anonymous) user to a warning page after a certain level of impact has been reached. On the settings page you can choose what you want to do with anonymous and authenticated users (ignore, log, log & action).

Installation instructions are in the README.txt included in all releases. Please check phpids settings and status report after installing or upgrading phpids module

    Requirements
  • PHP 5.1.6 or higher (better 5.2.x)
  • PHPIDS package from http://phpids.org
    Tested PHPIDS versions
  • PHPIDS 0.6.5 (tested with 6.x-1.11 / 6.x-2.x-dev)
  • PHPIDS 0.6.4 (since 6.x-1.11)
  • PHPIDS 0.6.3.1 (since 6.x-1.10)
  • PHPIDS 0.6.2
  • PHPIDS 0.6.1.1
  • PHPIDS 0.6
  • PHPIDS 0.5.4 (very old)

Roadmap

With D7 coming soon, I'll develop a new branch version for all active Drupal versions. I hope to have a stable PHPIDS module ready with launch of D7. Please review, test and give feedback for new branches.

    Overview of PHPIDS module branches
  • phpids-7.x-1.0
  • phpids-6.x-2.0
  • phpids-5.x-3.0
    New features of new PHPIDS module branch
  • Same codebase for D5, D6 and D7
  • More infos in warning mail
  • Editable warning page
  • Test-only mode
    ToDo list for new PHPIDS module branch:
  • Review code of hook_requirements
  • Update README.txt

Example to reduce false positives (since 6.x-1.10 and new branches)

To reduce false positives from PHPIDS which flood your logs, sends warning mails or block suspicious user activities, follow these steps to configure your PHPIDS correct.

  1. Pickup a false positive log-entry from Administer->Reports->Recent log entries by filtering for phpids
  2. Select the variable name which includes possible false values like html or json from this log entry
  3. Enter this variable name coma separated into html and/or json included fields in PHPIDS admin form (Administer->Site Configuration->Logging and alerts->PHPIDS settings)
  4. Save your new PHPIDS settings
  5. Now the total impact value should be lower than before

Downloads

Recommended releases

Version Downloads Date Links
6.x-1.11 tar.gz (10.81 KB) | zip (12.6 KB) 2010-Aug-09 Notes
5.x-2.0 tar.gz (9.3 KB) | zip (10.47 KB) 2008-Mar-22 Notes

Development releases

Version Downloads Date Links
7.x-1.x-dev tar.gz (12.85 KB) | zip (16.39 KB) 2011-Feb-25 Notes
6.x-2.x-dev tar.gz (12.83 KB) | zip (16.36 KB) 2011-Feb-25 Notes
6.x-1.x-dev tar.gz (10.77 KB) | zip (12.35 KB) 2011-Feb-25 Notes
5.x-3.x-dev tar.gz (12.83 KB) | zip (16.36 KB) 2011-Feb-25 Notes

Project Information


Maintainers for PHPIDS

  • Gos77 - 49 commits
    last: 1 year ago, first: 3 years ago

Issues for PHPIDS

To avoid duplicates, please search before submitting a new issue.
All issues
14 open, 57 total
Bug reports
1 open, 21 total
Subscribe via e-mail
Oldest open issue: 16 Jun 09
nobody click here