wdmg / yii2-guard
Security system
1.3.0
2023-06-24 20:11 UTC
Requires
- wdmg/yii2-base: ^1.3.0
- wdmg/yii2-helpers: ^1.4.0
- wdmg/yii2-validators: ^1.0.6
- yiisoft/yii2: ^2.0.40
README
Yii2 Guard
Security system for Yii2. The extension detects and repels Overdrive attacks, XSS attacks, LFI / RFI / RCE attacks and PHP / SQL injection attacks, and can block clients through an overload (request-rate) limit. It can also block users by IP address and by network, and blocked clients can be added manually.
This module is a component of the Butterfly.CMS content management system, but it can also be used as a standalone extension.
Copyright (c) 2019-2021 W.D.M.Group, Ukraine
Requirements
- PHP 5.6 or higher
- Yii2 v.2.0.40 and newer
- Yii2 Base module (required)
Installation
To install the module, run the following command in the console
$ composer require "wdmg/yii2-guard"
Configuration
To add the module to your project, add the following to your configuration file (PHP array syntax; the keys below are the module's options)
'modules' => [
    ...
    'guard' => [
        'class' => 'wdmg\guard\Module',
        'routePrefix' => 'admin',
        'useFilters' => true, // flag for use filters
        'filters' => [ // flag for use request filters
            'xss' => true,
            'lfi' => true,
            'php' => true,
            'sql' => true
        ],
        'patterns' => [ // security filters (regexp patterns)
            'xss' => '/(<.*?(script|body|object|iframe|applet|meta|style|form|frameset|frame|svg).*?>)|(base64|data\\:|fromCharCode|expression|onmouse|onload|alert|getcookie|document\\.)/uim',
            'lfi' => '/((\\.|%2e){2,}(\\/|%5c|\\\\)|php:\\/\\/|file:\\/\\/|expect:\\/\\/|zip:\\/\\/|yii\\.php|init\\.php|web\\.php|params\\.php|db\\.php|console\\.php|test\\.php|test_db\\.php|phpinfo|passwd|htaccess)/uism',
            'php' => '/(php:\\/\\/|(eval|preg_replace|require|include|call_user|create_func|array_filter|array_reduce|array_walk|array_map|reflection)\\()/uism',
            'sql' => '/(UNION|SELECT|OUTFILE|ALTER|INSERT|DROP|TRUNCATE|({%tables}))\\s/uism'
        ],
        'useRateLimit' => true, // flag for use requests limitation
        'rateLimit' => 60, // request limits per minute
        'rateLimitIgnoringIP' => [ // ignoring by IP
            '::1',
            '127.0.0.1',
        ],
        'rateLimitIgnoringRoutes' => [ // ignoring by request route
            '/admin'
        ],
        'rateLimitExceptionRoutes' => [ // exception from ignoring by request route
            '/admin/login',
            '/admin/restore'
        ],
        'rateLimitIgnoringRequests' => [ // ignoring by request type
            'post' => false,
            'get' => false,
            'ajax' => true
        ],
        'rateLimitErrorMessage' => 'Your request limit has been exceeded! Try later.', // request limit error message
        'useOverdriveLimit' => true, // flag for use overdrive limitation
        'overdriveLimit' => [ // limit for $_POST and $_GET data overdrive
            'post' => 200,
            'get' => 100
        ],
        'maxAttempts' => 5, // maximum number of attack attempts before blocking
        'attemptsDuration' => 3600, // time in seconds of storage the history of attempted attacks in the cache
        'releaseTime' => 3600, // time in seconds of removal restrictions (time of blocking)
        'useIpRange' => true, // use blocking also by a range of network IP addresses
        'forbiddenLayout' => "@wdmg/guard/views/layouts/default", // use forbidden error layout for frontend
        'useFileSystemScan' => true, // use a file system scan for modification
        'fileSystemScan' => [ // file system scan options
            'scanInterval' => 21600,
            'autoClear' => true,
            'onlyTypes' => [
                '*.php',
                '*.js'
            ],
            'exceptTypes' => [],
            'excludesPath' => [
                '@runtime',
                '@tests',
                '@runtime/cache',
                '@webroot/assets'
            ]
        ],
        'scanReport' => [ // options for sending scan notifications by email
            'emailViewPath' => [
                'html' => '@wdmg/guard/mail/report-html',
                'text' => '@wdmg/guard/mail/report-text'
            ],
            'reportEmail' => 'admin@example.com'
        ]
    ],
    ...
],
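As an added example (not code from the wdmg/yii2-guard project), the following standalone PHP 7.4+ script replays the `patterns`, `filters` and `overdriveLimit` settings above against a few constructed requests, so a team can confirm what a configuration will and will not flag before enabling it. The `guardCheck()` function, the sample requests, the table names substituted for the `{%tables}` placeholder and the handling of invalid UTF-8 are assumptions made here, not the module's own logic.

```php
<?php
// Added example, not code from wdmg/yii2-guard: replays the README's request
// filter patterns and overdrive limits against constructed sample requests so a
// configuration can be checked before it is enabled. guardCheck(), the sample
// requests and the table names substituted for {%tables} are assumptions made
// here; the module's own classes are not called.

$guardConfig = [
    'filters' => ['xss' => true, 'lfi' => true, 'php' => true, 'sql' => true],
    'patterns' => [
        'xss' => '/(<.*?(script|body|object|iframe|applet|meta|style|form|frameset|frame|svg).*?>)|(base64|data\\:|fromCharCode|expression|onmouse|onload|alert|getcookie|document\\.)/uim',
        'lfi' => '/((\\.|%2e){2,}(\\/|%5c|\\\\)|php:\\/\\/|file:\\/\\/|expect:\\/\\/|zip:\\/\\/|yii\\.php|init\\.php|web\\.php|params\\.php|db\\.php|console\\.php|test\\.php|test_db\\.php|phpinfo|passwd|htaccess)/uism',
        'php' => '/(php:\\/\\/|(eval|preg_replace|require|include|call_user|create_func|array_filter|array_reduce|array_walk|array_map|reflection)\\()/uism',
        'sql' => '/(UNION|SELECT|OUTFILE|ALTER|INSERT|DROP|TRUNCATE|({%tables}))\\s/uism',
    ],
    'overdriveLimit' => ['post' => 200, 'get' => 100],
];

/**
 * Returns the filters a request would trip ('overdrive', 'xss', 'lfi', 'php',
 * 'sql'), in configuration order, or an empty array for a clean request.
 */
function guardCheck(array $config, string $method, array $params, array $tables = []): array
{
    $findings = [];

    // Overdrive: more parameters than the limit for this method (post/get only).
    $limit = $config['overdriveLimit'][strtolower($method)] ?? null;
    if ($limit !== null && count($params) > $limit) {
        $findings[] = 'overdrive';
    }

    // Flatten nested parameters (a[b][c]=x) so every scalar value is inspected.
    $values = [];
    array_walk_recursive($params, function ($v) use (&$values) { $values[] = (string) $v; });

    // {%tables} stands for the application's table names; substituted here with a
    // caller-supplied list (assumption) or a never-matching group when none given.
    $tableAlt = $tables ? implode('|', array_map(fn ($t) => preg_quote($t, '/'), $tables)) : '(?!)';

    foreach ($config['patterns'] as $name => $pattern) {
        if (empty($config['filters'][$name])) {
            continue; // filter switched off in 'filters'
        }
        $pattern = str_replace('{%tables}', $tableAlt, $pattern);
        foreach ($values as $value) {
            $hit = preg_match($pattern, $value);
            // With /u, preg_match() returns false on invalid UTF-8; count that as
            // a finding rather than letting the value through unchecked.
            if ($hit === 1 || $hit === false) {
                $findings[] = $name;
                break;
            }
        }
    }
    return $findings;
}

// Constructed sample requests: label => [method, parameters].
$samples = [
    'clean listing'     => ['GET',  ['page' => '2', 'sort' => 'name']],
    'traversal in file' => ['GET',  ['file' => '../../passwd']],
    'markup in query'   => ['GET',  ['q' => '<script>alert(1)</script>']],
    'union in id'       => ['POST', ['id' => '1 UNION SELECT 1']],
    'too many fields'   => ['GET',  array_fill_keys(array_map(fn ($i) => "p$i", range(0, 100)), '1')],
];

foreach ($samples as $label => [$method, $params]) {
    $result = guardCheck($guardConfig, $method, $params, ['users', 'orders']);
    printf("%-18s %s\n", $label, $result ? implode(',', $result) : 'clean');
}
```

Two points worth checking against a real configuration: the overdrive count is taken over the top-level parameters only, while the pattern filters inspect every nested value, so a request can trip one without the other; and the `/u` modifier makes `preg_match()` fail outright on invalid UTF-8, which this script treats as a finding rather than a pass.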
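As a further added example (not code from the wdmg/yii2-guard project), this standalone PHP 7.4+ script models how the `useRateLimit`, `rateLimit*`, `maxAttempts`, `attemptsDuration`, `releaseTime` and `useIpRange` settings above fit together, with a plain array standing in for the Yii cache. The `GuardModel` class, the one-minute rate window, the /24 network grouping used for `useIpRange`, the cache key names and the sample addresses are assumptions made for this illustration, not the module's implementation.

```php
<?php
// Added example, not code from wdmg/yii2-guard: a standalone model of how the
// README's rate-limit, attempt and release settings fit together, with a plain
// array standing in for the Yii cache. GuardModel, the one-minute rate window,
// the /24 grouping for useIpRange and the sample addresses are assumptions.
$guardConfig = [
    'useRateLimit'              => true,
    'rateLimit'                 => 60,
    'rateLimitIgnoringIP'       => ['::1', '127.0.0.1'],
    'rateLimitIgnoringRoutes'   => ['/admin'],
    'rateLimitExceptionRoutes'  => ['/admin/login', '/admin/restore'],
    'rateLimitIgnoringRequests' => ['post' => false, 'get' => false, 'ajax' => true],
    'maxAttempts'               => 5,
    'attemptsDuration'          => 3600,
    'releaseTime'               => 3600,
    'useIpRange'                => true,
];

final class GuardModel
{
    private $config;
    private $cache = []; // stands in for Yii::$app->cache (assumption)
    public function __construct(array $config) { $this->config = $config; }

    // Does the per-minute request limit apply to this request at all?
    public function rateLimitApplies(string $ip, string $route, string $method, bool $isAjax): bool
    {
        $c = $this->config;
        $r = $c['rateLimitIgnoringRequests'];
        if (!$c['useRateLimit'] || in_array($ip, $c['rateLimitIgnoringIP'], true)
            || ($isAjax && $r['ajax']) || !empty($r[strtolower($method)])) {
            return false;
        }
        // Exception routes win over ignored prefixes: '/admin' is ignored, '/admin/login' is not.
        if (in_array($route, $c['rateLimitExceptionRoutes'], true)) {
            return true;
        }
        foreach ($c['rateLimitIgnoringRoutes'] as $prefix) {
            if (strpos($route, $prefix) === 0) {
                return false;
            }
        }
        return true;
    }
    // Counts one request in the current minute; true once rateLimit is exceeded.
    public function countRequest(string $ip, int $now): bool
    {
        $key = 'rate:' . $ip . ':' . intdiv($now, 60);
        $this->cache[$key] = ($this->cache[$key] ?? 0) + 1;
        return $this->cache[$key] > $this->config['rateLimit'];
    }
    // Records a detected attack attempt; true when the client becomes blocked.
    public function recordAttempt(string $ip, int $now): bool
    {
        $subject = $this->subject($ip);
        $entry = $this->cache['attempts:' . $subject] ?? ['count' => 0, 'expires' => 0];
        if ($entry['expires'] <= $now) { // history older than attemptsDuration is dropped
            $entry = ['count' => 0, 'expires' => $now + $this->config['attemptsDuration']];
        }
        $entry['count']++;
        $this->cache['attempts:' . $subject] = $entry;
        if ($entry['count'] >= $this->config['maxAttempts']) {
            $this->cache['block:' . $subject] = $now + $this->config['releaseTime'];
            return true;
        }
        return false;
    }
    // A block lasts releaseTime seconds and then lapses on its own.
    public function isBlocked(string $ip, int $now): bool
    {
        return ($this->cache['block:' . $this->subject($ip)] ?? 0) > $now;
    }
    // With useIpRange, IPv4 clients are tracked per /24 network (assumed granularity).
    private function subject(string $ip): string
    {
        $long = ip2long($ip);
        if ($this->config['useIpRange'] && $long !== false) {
            return long2ip($long & 0xFFFFFF00) . '/24';
        }
        return $ip; // IPv6 or useIpRange off: track the single address
    }
}

$guard = new GuardModel($guardConfig);
$now = 1700000000; // fixed clock so the run is reproducible
foreach (['/admin', '/admin/login', '/search'] as $route) {
    printf("GET %-13s limited: %s\n", $route, var_export($guard->rateLimitApplies('203.0.113.7', $route, 'GET', false), true));
}
printf("ajax /search      limited: %s\n", var_export($guard->rateLimitApplies('203.0.113.7', '/search', 'GET', true), true));
// Reaching maxAttempts within attemptsDuration blocks the whole /24 of 203.0.113.7.
for ($i = 1; $i <= $guardConfig['maxAttempts']; $i++) {
    $guard->recordAttempt('203.0.113.7', $now + $i);
}
foreach ([['203.0.113.7', 10], ['203.0.113.9', 10], ['203.0.113.7', 3700]] as [$ip, $offset]) {
    printf("%s at +%ds blocked: %s\n", $ip, $offset, var_export($guard->isBlocked($ip, $now + $offset), true));
}
```

The design choice to note is the precedence in `rateLimitApplies()`: an exact match in `rateLimitExceptionRoutes` is checked before the `rateLimitIgnoringRoutes` prefixes, which is what lets a whole admin area be exempt from the limit while its login and password-restore routes stay covered. With `useIpRange` on, the attempt history and the block are keyed on the network rather than the single address, so a neighbour in the same /24 inherits the block until `releaseTime` has elapsed.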
Routing
Use the module's Module::dashboardNavItems() method to generate the list of navigation items for the NavBar, as shown below
<?php
use yii\bootstrap\Nav; // import assumed for the Bootstrap 3 Nav widget ('navbar-right' class)

echo Nav::widget([
    'options' => ['class' => 'navbar-nav navbar-right'],
    'items' => [
        [
            // Nav itself has no 'label' option; the label belongs to a dropdown item
            'label' => 'Modules',
            'items' => [
                Yii::$app->getModule('guard')->dashboardNavItems(),
                ...
            ],
        ],
    ],
]);
?>
Status and versions [ready to use]
- v.1.3.0 - some fixes, updated copyright
- v.1.2.0 - file system scan report
- v.1.1.0 - added blocking by IP