?
Solved

phpids integration and usage

Posted on 2013-07-01
7
Medium Priority
?
269 Views
Last Modified: 2013-08-04
Hi EE,

Please do let me know steps to integrate phpids and how to verify if its working and monitor the attacks.
0
Comment
Question by:Insoftservice
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 58

Assisted Solution

by:Julian Hansen
Julian Hansen earned 1200 total points
ID: 39289526
I would start with reading the FAQ
https://phpids.org/faq/
0
 
LVL 15

Author Comment

by:Insoftservice
ID: 39289637
@julianH i tried with but was not completely successful.
Please do let me know whether we have some API which would not only detect attacks but also avoid it.PHPIDS detects all sorts of XSS, SQL Injection, header injection, directory traversal, RFE/LFI, DoS and LDAP attacks. But it does not prevent it.

Is there some api which does both specially sql injection.
0
 
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 800 total points
ID: 39289748
I would probably approach this from a different perspective, especially since it's at level 0.7 and since I got the "Untrusted Connection" warning when I tried to visit the phpids link.

Instead of trying to enumerate the threats and attacks, just switch your thinking to the security mantra: Accept Only Known Good Values.  To be sure, there are still attacks that can be mounted against thoughtfully secured web sites, but they are far less likely to succeed if your script tests every external input for "reasonable" values and simply ignores the ones that fail the reasonability tests.

This link (and the whole organization) may be useful.  If you're not a member, join!
https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 15

Author Comment

by:Insoftservice
ID: 39292202
0
 
LVL 15

Author Comment

by:Insoftservice
ID: 39369133
c
0
 
LVL 58

Accepted Solution

by:
Julian Hansen earned 1200 total points
ID: 39369276
Is there some api which does both specially sql injection.
Don't look for an API to do this for you - to prevent SQL injection code your page and queries correctly.

Use either mysqli or PDO

A) Put all data to go to database through mysqli_real_escape_string (in the case of mysqli
B) Use prepared statements
0
 
LVL 15

Author Closing Comment

by:Insoftservice
ID: 39380283
Issue had got already resolved, but the suggestion was also up-to the mark to resolve and tackle my questions more easily thx to all
0

Featured Post

Are You Using the Best Web Development Editor?

The worlds of web hosting and web development are constantly evolving. Every year we see design trends change, coding standards adapt and new frameworks/CMS created. With such a quick pace of change it’s easy to get lost trying to keep up.

See if your editor made the list.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question