PHPIDS
PHPIDS (PHP Intrusion Detection System) is an open source intrusion detection system for PHP web applications. It was written by Mario Heiderich, Christian Matthies, Lars H. Strojny and several others in March 2007. It was later ported to other frameworks and is distributed under the LGPL.
Goal
The main goal is to give every PHP programmer the ability to detect intrusion attempts in the data a client sends to a PHP web application, and to speed up PHP application development by reducing the time and money that must be spent on application security.
Features
PHPIDS detects cross-site scripting (XSS), SQL injection, header injection, directory traversal, remote file execution, local file inclusion, denial of service (DoS) and LDAP injection attempts. It is simple to use and well structured. It assigns an impact rating to every detected attack by analysing whichever input variables are chosen (POST, GET, SESSION, COOKIE).
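As an added example (not PHPIDS's own code and not its real rule set), the following Python model shows the mechanism the features above describe: a set of regex filter rules, each carrying an impact score, is run over whichever request variables are chosen, and the summed impact drives a graded response. The rules, the thresholds, the normalisation step and the sample request are all constructed for illustration.

```python
import html
import re
from urllib.parse import unquote

# Constructed toy rules in the spirit of PHPIDS's regex filter set. They are NOT the
# project's default_filter.xml; each rule carries an impact score and a tag, which is
# the shape that lets an IDS grade an attack instead of only flagging it.
FILTERS = [
    (re.compile(r"<\s*script|javascript\s*:|\bon\w+\s*=", re.I), 4, "xss"),
    (re.compile(r"['\"]\s*(?:or|and)\s+['\"\w]+\s*=", re.I), 4, "sqli"),
    (re.compile(r"\bunion\b.{0,20}\bselect\b", re.I), 5, "sqli"),
    (re.compile(r"(?:\.\./|\.\.\\){2,}"), 3, "dt"),       # directory traversal
    (re.compile(r"\b(?:https?|ftp)://\S+\.php", re.I), 4, "rfe"),  # remote file execution
    (re.compile(r"[\r\n]\s*(?:set-cookie|location)\s*:", re.I), 3, "hi"),  # header injection
]

def normalize(value: str) -> str:
    """Undo the encodings layered on a payload (URL encoding twice, HTML entities)
    so one rule set sees the plain text. PHPIDS has a converter stage for this;
    this function is a minimal constructed stand-in, not the project's converter."""
    return html.unescape(unquote(unquote(value)))

def scan(request: dict) -> dict:
    """Run every filter over every chosen variable (keyed by source: GET, POST, COOKIE,
    SESSION ...). Returns the cumulative impact and one event per matching (source, key)."""
    events, total = [], 0
    for source, params in request.items():
        for key, raw in params.items():
            plain = normalize(str(raw))
            hits = [(impact, tag) for rule, impact, tag in FILTERS if rule.search(plain)]
            if hits:
                impact = sum(i for i, _ in hits)
                events.append({"source": source, "key": key, "impact": impact,
                               "tags": sorted({t for _, t in hits})})
                total += impact
    return {"impact": total, "events": events}

def decide(impact: int, log_at: int = 3, block_at: int = 8) -> str:
    """Constructed thresholds: a graded response is the point of having an impact score."""
    if impact >= block_at:
        return "block"
    return "log" if impact >= log_at else "pass"

if __name__ == "__main__":
    # Constructed request: a benign field, a URL-encoded XSS probe, and a cookie that
    # stacks SQL injection with directory traversal (so several rules add up).
    req = {"GET": {"q": "phpids features", "name": "%3Cscript%3Ealert(1)%3C/script%3E"},
           "COOKIE": {"id": "1' OR '1'='1' UNION SELECT ../../../../etc/passwd"}}
    report = scan(req)
    print("total impact:", report["impact"], "->", decide(report["impact"]))
    for ev in report["events"]:
        print(ev)
```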
Forks to other Software
- PHPIDS module - adds a security layer to Drupal
- MUTE Screamer - a WordPress plugin based on PHPIDS
- PHPIDS extension for MediaWiki
- ZIDS - a PHPIDS module that adds extra security to Zend Framework applications
- px_phpids - an extension for TYPO3 based on PHPIDS
- dotnetids - a project similar to PHPIDS, written in VB.NET, to secure ASP.NET applications
- ModSecurity - a web application layer firewall that ships the PHPIDS default filter rules in its packages
Criticism
Though it is a good security addition to PHP applications, it has slight performance issues.
It lacks a user interface for analysing the intrusion log.
See also
- Web application security