BitSensor Web Application Security

1.0.5 2019-01-03 10:24 UTC

This package is auto-updated.

Last update: 2024-09-19 21:29:42 UTC


README


BitSensor PHP plugin

The BitSensor PHP plugin.

BitSensor

Documentation

Gitlab repository

Setting up BitSensor

Requirements

  • php >= 5.6.0
  • composer
  • uopz [optional, for query tracking]

Installation

composer require bitsensor/php

Configuration

Code

<?php
use BitSensor\Core\BitSensor;
use BitSensor\Core\Config;
use BitSensor\Connector\ApiConnector;
use BitSensor\Blocking\Blocking;
use BitSensor\Blocking\Action\BlockingpageAction;
use BitSensor\Handler\IpHandler;
use BitSensor\Handler\AfterRequestHandler;

// Load Composer's autoloader
require_once __DIR__ . '/vendor/autoload.php';

// Create config using PHP.
ApiConnector::setUser('dev');
ApiConnector::setApiKey('secret-apikey');
// ApiConnector::setHost('optional-host'); when not running on bitsensor.io
BlockingpageAction::setUser('dev');
// BlockingpageAction::setHost('optional-host'); //when not running on bitsensor.io
Blocking::setAction(new BlockingpageAction());
BitSensor::setConnector(new ApiConnector());
IpHandler::setIpAddressSrc(IpHandler::IP_ADDRESS_REMOTE_ADDR);
AfterRequestHandler::setExecuteFastcgiFinishRequest(true); // If you are using FastCGI
BitSensor::setEnableUopzHook(true); // If you have enabled UOPZ

// Start BitSensor 
BitSensor::run();

JSON

index.php

<?php
use BitSensor\Core\BitSensor;

BitSensor::configure('/path/to/config.json');

Example configuration file

{
  "connector": {
    "type": "api",
    "user": "dev",
    "apikey": "php-plugin-test"
  },
  "blocking": {
    "action": {
      "type": "blockingpage",
      "user": "dev"
    }
  },
  "mode": "ids",
  "ipAddressSrc": "remoteAddr",
  "hostSrc": "serverName",
  "logLevel": "none",
  "uopzHook": "on",
  "executeFastCgi": "off"
}

Documentation

The following configuration options are available

Connector types

Api

File

Blocking actions

Blocking page

Query tracking

To use PDO and MySQLi query tracking, the uopz pecl extension must be installed.

# You might have to install `pecl` and php-dev dependencies
sudo apt-get install php-pear php-dev

pecl install uopz

# You might have to add `extension=uopz.so` to your php.ini, if that does not happen automatically
echo 'extension=uopz.so' >> /etc/php/7.0/fpm/php.ini

# In case of php-fpm, reload the service
service php7.0-fpm reload

# Check successful installation, the output should be `1`
php -r 'echo extension_loaded("uopz");'

Logging

Monolog

<?php
use Monolog\Logger;

use Monolog\Handler\PsrHandler;
use BitSensor\Handler\PsrLogHandler;

// Your existing logger code
$log = new Logger('name');

// Add the BitSensor PsrLogHandler
$log->pushHandler(new PsrHandler(new PsrLogHandler()));

Tags

If you are running many applications, it may be useful to group them by tag. You can create a tag with the following snippet

<?php
use \BitSensor\Core\BitSensor;
BitSensor::putEndpoint("tag", "cool-applications");

WebSocket

If you are using WebSockets, BitSensor needs to know about it in order to detect attacks correctly.

<?php
use \BitSensor\Core\BitSensor;
use \BitSensor\Core\EndpointConstants;

BitSensor::putEndpoint(EndpointConstants::WEBSOCKET, 'true');

Apache

After injecting the BitSensor hook into your application, you can extend BitSensor's visibility to include events that your application itself does not handle.

To log Apache errors, add the following to your .htaccess

# Open .phar files as PHP files
AddType application/x-httpd-php .phar

# Add all errors you want BitSensor to handle
# The path to BitSensor.phar is as seen in the URL in the browser
ErrorDocument 400 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=400
ErrorDocument 401 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=401
ErrorDocument 402 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=402
ErrorDocument 403 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=403
ErrorDocument 404 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=404
ErrorDocument 405 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=405
ErrorDocument 406 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=406
ErrorDocument 407 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=407
ErrorDocument 408 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=408
ErrorDocument 409 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=409
ErrorDocument 410 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=410
ErrorDocument 411 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=411
ErrorDocument 412 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=412
ErrorDocument 413 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=413
ErrorDocument 414 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=414
ErrorDocument 415 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=415
ErrorDocument 500 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=500
ErrorDocument 501 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=501
ErrorDocument 502 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=502
ErrorDocument 503 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=503
ErrorDocument 504 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=504
ErrorDocument 505 /path/to/BitSensor.phar/Handler/ErrorDocumentHandler.php?e=505

# Add all errors you want to show a custom page for
# The path is as seen in the URL in the browser
SetEnv ERROR_DOCUMENT_400 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_401 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_402 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_403 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_404 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_405 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_406 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_407 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_408 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_409 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_410 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_411 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_412 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_413 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_414 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_415 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_500 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_501 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_502 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_503 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_504 /path/to/error/document.html
SetEnv ERROR_DOCUMENT_505 /path/to/error/document.html
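As an added illustration that is not BitSensor's own ErrorDocumentHandler (this README does not show its internals), the hypothetical script below shows the contract the .htaccess above sets up and the checks such a handler should make before trusting the client-visible ?e= parameter or an ERROR_DOCUMENT_* path. It assumes Apache's REDIRECT_STATUS variable from the ErrorDocument internal redirect and custom page paths relative to DOCUMENT_ROOT.

```php
<?php
// Hypothetical stand-in for the script the .htaccess above routes errors to.
// It is not BitSensor's ErrorDocumentHandler; it only shows the contract that
// configuration sets up: Apache calls the script as ...?e=<status> after an
// internal redirect and exposes each SetEnv ERROR_DOCUMENT_<status> via $_SERVER.

/** The status codes the .htaccess above routes to the handler. */
const HANDLED_STATUS_CODES = [400, 401, 402, 403, 404, 405, 406, 407, 408, 409,
    410, 411, 412, 413, 414, 415, 500, 501, 502, 503, 504, 505];

/**
 * Decide which status to emit. Apache sets REDIRECT_STATUS on the internal
 * redirect, so that value wins over the client-visible ?e= parameter; anything
 * that is not one of the configured codes collapses to 500, so a request made
 * directly to the handler can pick neither an arbitrary status nor an
 * arbitrary ERROR_DOCUMENT_* variable.
 */
function resolveStatusCode(array $server, array $query): int
{
    $raw = $server['REDIRECT_STATUS'] ?? ($query['e'] ?? '');
    if (!preg_match('/^\d{3}$/', (string) $raw)) {
        return 500;
    }
    $code = (int) $raw;
    return in_array($code, HANDLED_STATUS_CODES, true) ? $code : 500;
}

/**
 * Return the body of the custom page configured for $code, or null if none is
 * configured or the path does not resolve to a file under the document root.
 * Anchoring to $docRoot keeps a mistyped SetEnv value from reading elsewhere.
 */
function loadCustomErrorPage(int $code, array $server, string $docRoot): ?string
{
    $configured = $server['ERROR_DOCUMENT_' . $code] ?? null;
    $root = realpath($docRoot);
    if ($configured === null || $root === false) {
        return null;
    }
    $path = realpath($root . '/' . ltrim($configured, '/'));
    if ($path === false || !is_file($path)
        || strncmp($path, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        return null;
    }
    return file_get_contents($path);
}

$code = resolveStatusCode($_SERVER, $_GET);
http_response_code($code);
// The real handler would report the failed request to BitSensor at this point;
// this stand-in only serves the configured page, or a plain fallback.
echo loadCustomErrorPage($code, $_SERVER, $_SERVER['DOCUMENT_ROOT'] ?? __DIR__) ?? "Error $code";
```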

Debugging

For more extensive debugging in the code base, we provide the following hooks

Debug logs can be printed with BitSensor\Util\Log::d($msg); these are only printed in debug mode, which is enabled by setting

\BitSensor\Util\Log::setEnabled(true);

This should be done in test scripts, not in the actual source code.

External dependencies

Libraries that are not managed by Composer should be placed in the lib/ folder.