Security Wall
IT
Security Wall is a package that improves the overall security of Concrete5. It is currently available in English only.
EN
Security Wall improves the overall security of Concrete5.
Where does this improved security come from?
The image on the left shows why Security Wall can improve the security of Concrete5. By boxing C5 inside a powerful security framework, C5 can block most web-based attacks.
This is a great feature when a new C5 version comes out and some exploits are released to the public. Until you upgrade the C5 core it's very easy for people to attack your site (this happens for every CMS, not only C5).
Security Wall is currently based on PHPIDS, a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application.
How To
Introduction
Security Wall can be installed like any other Concrete5 package from Dashboard→Add functionality. Once installed, a new link becomes available in the Dashboard menu.
Security Wall Dashboard
This section gives some info about Security Wall Status:
- Bootstrap activated or not.
- Bootstrap has some errors or not.
- Security Wall enabled or not.
- Current user (you) bypassing Security Wall or not.
- Bootstrap execution time (useful for performance checks, available through the PHP constant SECURITY_WALL_BOOT_TIME).
Logs
This section contains a log list of all attacks (or false positives) blocked by Security Wall.
Type IDS means attacks blocked by PHPIDS. The number on the red block is the estimated impact.
Configuration
In this section you can change Security Wall default behaviours.
Main
Enable/Disable Security Wall
Group/User Bypass
This subsection lets you define users/groups that can bypass Security Wall. This is useful, for example, for admins, who often need to insert strange code. Users/Groups are identified by name (CASE SENSITIVE).
Security Wall Config Behaviour
Behaviours are the actions taken by Security Wall when an attack is detected. Available actions are:
- sanitize - inputs that seem to contain malicious code are unset (as if they had never been sent to the server);
- die - blank page is shown and Concrete5 is not executed.
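The sketch below is an added example, not Security Wall's own code. It shows how the two behaviours and the group bypass could combine into one decision, assuming the IDS reports an impact score per input field and using the "impact more than 1" default mentioned in the FAQ. All function and key names are hypothetical and the request data is constructed.

```php
<?php
/**
 * Hypothetical decision routine (assumed names, not Security Wall's API).
 *
 * @param array $request input fields, e.g. a copy of $_POST
 * @param array $impacts field name => impact score reported by the IDS
 * @param array $conf    keys: enable, behaviour ('sanitize'|'die'), threshold, bypass
 * @param array $groups  group names of the current user
 * @return array|null    request handed on to the CMS, or null to stop ('die')
 */
function apply_behaviour(array $request, array $impacts, array $conf, array $groups): ?array
{
    if (!$conf['enable']) {
        return $request;                       // wall switched off
    }
    // array_intersect compares strings exactly, so the match is case sensitive.
    if (array_intersect($groups, $conf['bypass'])) {
        return $request;                       // trusted group bypasses the wall
    }
    $flagged = array_keys(array_filter($impacts, fn($i) => $i > $conf['threshold']));
    if (!$flagged) {
        return $request;                       // nothing above the threshold
    }
    if ($conf['behaviour'] === 'die') {
        return null;                           // caller shows a blank page and exits
    }
    foreach ($flagged as $field) {
        unset($request[$field]);               // sanitize: as if never sent
    }
    return $request;
}

// Constructed sample data.
$conf    = ['enable' => true, 'behaviour' => 'sanitize', 'threshold' => 1,
            'bypass' => ['Administrators']];
$request = ['name' => 'Anna', 'comment' => '"><script>alert(1)</script>'];
$impacts = ['comment' => 8];

var_export(apply_behaviour($request, $impacts, $conf, ['Guest']));          // flagged field removed
var_export(apply_behaviour($request, $impacts, $conf, ['administrators'])); // wrong case: no bypass
var_export(apply_behaviour($request, $impacts, $conf, ['Administrators'])); // exact name: untouched
$conf['behaviour'] = 'die';
var_export(apply_behaviour($request, $impacts, $conf, ['Guest']));          // request stopped
```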
Help
This is a quick reference section that also contains some dynamically generated code. I post a screenshot here.
Features
IDS Block
Powered by PHPIDS.
IP Blacklist
Work in progress. Mainly powered by Project Honeypot. Other services (like IPSafer) may be included too.
Project Honeypot
Thanks to the http:BL API you can quickly check whether your visitor is an email harvester, a comment spammer or any other malicious creature. Communication with the verification server is done via a DNS request mechanism, which makes the query and response even quicker. Now, thanks to Security Wall, any potentially harmful clients are denied access to your site and therefore cannot abuse it. See Project Honeypot for more info.
You need to insert your API key inside the configuration. After signing up for the service, you can find it here.
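The DNS mechanism mentioned above works as follows: the client looks up `<key>.<reversed IPv4 octets>.dnsbl.httpbl.org` and receives an answer of the form `127.<days since last activity>.<threat score>.<visitor type>`. This is an added example, not Security Wall's own code. The access key is a placeholder, the answers are constructed, and the blocking thresholds are assumptions.

```php
<?php
// Build the http:BL query name; returns null for anything that is not IPv4.
function httpbl_query_name(string $accessKey, string $ip): ?string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null;
    }
    return $accessKey . '.' . implode('.', array_reverse(explode('.', $ip)))
        . '.dnsbl.httpbl.org';
}

// Decode an answer such as "127.3.40.6"; returns null if it is not a valid reply.
function httpbl_decode(string $answer): ?array
{
    $o = array_map('intval', explode('.', $answer));
    if (count($o) !== 4 || $o[0] !== 127) {
        return null;
    }
    $searchEngine = ($o[3] === 0);   // type 0: octet 3 is an engine id, not a score
    return [
        'days_since_seen' => $o[1],
        'threat_score'    => $searchEngine ? 0 : $o[2],
        'search_engine'   => $searchEngine,
        'suspicious'      => ($o[3] & 1) !== 0,
        'harvester'       => ($o[3] & 2) !== 0,
        'comment_spammer' => ($o[3] & 4) !== 0,
    ];
}

// Assumed policy: block recent, sufficiently threatening non-search-engine entries.
function httpbl_should_block(?array $v, int $minThreat = 25, int $maxAgeDays = 30): bool
{
    if ($v === null || $v['search_engine']) {
        return false;                // not listed, malformed answer, or a crawler
    }
    return $v['threat_score'] >= $minThreat && $v['days_since_seen'] <= $maxAgeDays;
}

// A live check would call gethostbyname() on the query name; it returns the
// name unchanged when the IP is not listed. Below, answers are constructed.
echo httpbl_query_name('YOUR_ACCESS_KEY', '192.0.2.15'), "\n";
foreach (['127.3.40.6', '127.200.40.2', '127.1.5.0', '10.0.0.1'] as $answer) {
    $verdict = httpbl_decode($answer);
    echo $answer, ' => ', httpbl_should_block($verdict) ? 'block' : 'allow', "\n";
}
```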
Faq
Q. What is bootstrap?
A. Bootstrap is a script that must be executed before Concrete5 loads. This is done by adding a piece of code to the index.php file.
Q. My site is not working well after installing your plugin.
A. When you install Security Wall for the first time, some default settings are applied. E.g. Security Wall will sanitize (empty) data sent by the user if the impact is more than 1. This config is great for most sites, but must be changed in some situations. You can easily set behaviours through the configuration area. Another suggestion is to set a bypass for the admin group, if you trust it.
Q. I am having problems while trying to access my site. What can I do?
A. If you think Security Wall is locking you out of your site, try disabling it by simply opening the file files/security_wall/conf.ini and changing
enable = "true"
to
enable = "false"
If you still can't access your site because of an error inside Security Wall scripting, remove
<?php
//-- SECURITY WALL PLUGIN AUTOMATIC CODE BEGIN --//
define('SECURITY_WALL_BOOTSTRAP_CORRECTLOAD', true);
if (file_exists('XYZ/packages/security_wall/boot.php')){
    include('XYZ/packages/security_wall/boot.php');
}
//-- SECURITY WALL PLUGIN AUTOMATIC CODE END --//
?>
(where XYZ can be anything) from the Concrete5 index.php.
ToDo List
- clean logs automatically
- autoupdate default_filter.xml (jobs)
- users pwd quality test
- more behaviours (redirect, ban)
- ddos prevention (based upon execution time - sleep without white page)
- crawlers check
- email notification
- check concrete5 file permissions (e.g. /files folder)
- disable security_wall for some groups/users - done in 0.2
- add user nickname inside logs if logged
- block access inside files/security_wall in a better way (now .htaccess only). E.g. random file names
- per page/variable html purify
- HTTP ip blacklist
- protect against bruteforcing user pwd/password - limit wrong login attempts ip/time
- protect against camouflaged image upload - block uploading file with image extension but strange content
- spam point - if $_POST data contains a lot of links ⇒ spam
- site manipulation - check index.php etc. against strange code (e.g. base64_encoded javascript)
- ticket/secure token - check manipulated input
- null bit - protect against /0x
- auto update - auto update when new release
Credits
Developers
Libraries
- PHPIDS is used as Intrusion detection system. Released under LGPL.
Logo
The current Security Wall logo (v. 0.4 and later) is a mix of
- blue, wall icon by Webdesigner Depot. Free for commercial use (Include link to authors website)
- lock, security icon by Alexander Moore. Released under LGPL.
Code inspiration
- Xoops Protector by Gijoe



