Skip to content

riverside/php-waf

BranchesTags

Repository files navigation

php-waf

PHP Web Application Firewall

Build Stable License
CI Latest Stable Version License

Requirements

  • PHP >= 7.0

Installation

If Composer is not installed on your system yet, you may go ahead and install it using this command line:

$ curl -sS https://getcomposer.org/installer | php

Next, add the following require entry to the composer.json file in the root of your project.

{ "require" : { "riverside/php-waf" : "^2.0" } }

Finally, use Composer to install php-waf and its dependencies:

$ php composer.phar install

How to use

  1. Configure your web server
    • Apache
    php_value auto_prepend_file "/path/to/waf.php"
    • Nginx
    fastcgi_param PHP_VALUE "auto_prepend_file=/path/to/waf.php";
  2. Create an Firewall instance
    • waf.php
    <?php $waf = new \Riverside\Waf\Firewall(); $waf->run();

Available filters

Filter Description
Sql SQL Injection
Crlf CRLF Injection
Xss Cross-site Scripting
Xml XML Attacks

Migration Guide to Version 2.0.0

What's changed

In version 2.0.0, I have made the following updates to improve consistency and adherence to PHP best practices:

  1. Namespace renamed
    • Old namespace: PhpWaf
    • New namespace: Riverside\Waf
  2. Class names renamed
    • Old names:
      • src/Filter/CRLF.php (Class CRLF)
      • src/Filter/SQL.php (Class SQL)
      • src/Filter/XML.php (Class XML)
      • src/Filter/XSS.php (Class XSS)
      • src/BaseFilter.php (Class BaseFilter)
    • New names:
      • src/Filter/Crlf.php (Class Crlf)
      • src/Filter/Sql.php (Class Sql)
      • src/Filter/Xml.php (Class Xml)
      • src/Filter/Xss.php (Class Xss)
      • src/AbstractFilter.php (Class AbstractFilter)
How to update your codebase
  1. Update class imports:
    • Old way:
      • use PhpWaf\Firewall;
      • use PhpWaf\Filter\CRLF;
      • use PhpWaf\Filter\SQL;
      • use PhpWaf\Filter\XML;
      • use PhpWaf\Filter\XSS;
    • New way:
      • use Riverside\Waf\Firewall;
      • use Riverside\Waf\Filter\Crlf;
      • use Riverside\Waf\Filter\Sql;
      • use Riverside\Waf\Filter\Xml;
      • use Riverside\Waf\Filter\Xss;

About

💂‍♂️ PHP Web Application Firewall

Topics

php firewall waf web-application-firewall php-firewall webapp-firewall

Resources

Readme

License

MIT license
Activity

Stars

32 stars

Watchers

2 watching

Forks

13 forks
Report repository

Releases 3

Version 2.0.0 Latest
Sep 7, 2024
+ 2 releases

Sponsor this project

Packages

 
 
 

Languages