https://github.com/echo-devim/litewaf
Lightweight In-App Web Application Firewall for PHP
- Host: GitHub
- URL: https://github.com/echo-devim/litewaf
- Owner: echo-devim
- License: mit
- Created: 2020-08-11T14:58:50.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2020-08-26T07:02:26.000Z (about 5 years ago)
- Last Synced: 2025-03-23T10:35:51.892Z (7 months ago)
- Topics: attack-log, attack-prevention, php, sanity-check, security, sqlinjection, waf, xss
- Language: PHP
- Homepage:
- Size: 28.3 KB
- Stars: 43
- Watchers: 4
- Forks: 6
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# LiteWAF
**LiteWAF** is a simple in-app Web Application Firewall. It is a single `php` script that must be included at the beginning of each page you want to protect.
For each request, the script parses the request parameters looking for well-known attack patterns. Currently it detects the following attack types:
* XSS
* SQL Injection
* Path Traversal
* Remote Command Execution

When an attack attempt is detected, the script logs the event to the `attacklogs.php` file and then redirects the user to a default page.
The `attacklogs.php` script contains the logs, but it is authenticated: you need to provide the right password to access them (url: `attacklogs.php?pwd=your_password`). Keep in mind that a password passed in the query string can be recorded in web-server access logs and browser history. `attacklogs.php` is itself protected by LiteWAF.

At the moment the logs are stored in plain text. Each row contains several fields describing the event (datetime, IP, user-agent, requested URL, attack type, etc.).

This tool is based on signature matching, which means bypass techniques exist. It should, however, block and log the majority of common attacks.
## Configuration
You can configure the tool by editing the beginning of `litewaf.php`.
You can set where to redirect the user when an attack is detected (the site index by default) and the log file path (it **must be** a `php` file, so that the web server executes it instead of serving the log contents as plain text).
You *must set* the directory containing `litewaf.php`.
Finally, you can set the password to access the log file (random by default) and whether to redirect a user who provides the wrong password.
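To make the mechanism concrete, here is an added example of the same in-app pattern written for this page. It is not LiteWAF's code: the `LW_*` constants, the functions `lw_scan_values`, `lw_log_attack`, `lw_view_logs` and `lw_protect`, and the regular expressions are all assumptions made for the illustration, and `litewaf.php` uses its own names and a larger ruleset. The block covers the detect-log-redirect flow described above and the settings listed in this section (redirect target, log path ending in `.php`, log password); run from the command line it scans constructed sample parameters and shows three hits, one clean value and one SQL payload the toy signatures miss.

```php
<?php
// Added example, not LiteWAF's own code. Constant names (LW_*), function
// names and signatures are assumptions made for this illustration.

// --- Configuration, mirroring the settings the README describes ---
const LW_REDIRECT_TARGET = '/index.php';                // default page for blocked clients
const LW_LOG_FILE        = __DIR__ . '/attacklogs.php'; // .php so the server runs the guard
                                                        // line instead of serving the rows
const LW_LOG_PASSWORD    = 'change-me';                 // README: random by default

// One short pattern per attack class. Illustrative only: real signatures are
// longer, and every signature set has bypasses (see the README's caveat).
const LW_SIGNATURES = [
    'XSS'            => '/<\s*script|javascript\s*:|\bon[a-z]+\s*=/i',
    'SQL Injection'  => '/\bunion\b.*\bselect\b|\bor\b\s+\d+\s*=\s*\d+|\'\s*--|\bsleep\s*\(/i',
    'Path Traversal' => '#\.\./|\.\.\\\\|/etc/passwd#i',
    'RCE'            => '/(;|\||`|\$\()\s*(cat|ls|id|whoami|wget|curl|nc)\b/i',
];

// Walk request values (nested arrays included). Returns the first attack
// type whose signature matches, or null if every value looks clean.
function lw_scan_values(array $values): ?string
{
    foreach ($values as $value) {
        if (is_array($value)) {
            $hit = lw_scan_values($value);
            if ($hit !== null) {
                return $hit;
            }
            continue;
        }
        // Decode one layer of URL encoding so %2e%2e%2f is inspected as ../
        $decoded = rawurldecode((string) $value);
        foreach (LW_SIGNATURES as $type => $pattern) {
            if (preg_match($pattern, $decoded) === 1) {
                return $type;
            }
        }
    }
    return null;
}

// Append one tab-separated row (datetime, ip, user-agent, url, type). A new
// log file starts with a PHP guard line that answers 403 and exits, which is
// the reason a log path ending in .php matters.
function lw_log_attack(string $file, string $type, string $ip, string $ua, string $url): void
{
    if (!file_exists($file)) {
        file_put_contents($file, "<?php http_response_code(403); exit; ?>\n");
    }
    $row = implode("\t", [date('c'), $ip, $ua, $url, $type]) . "\n";
    file_put_contents($file, $row, FILE_APPEND | LOCK_EX);
}

// Return the log rows only when the password is right (constant-time
// comparison); null means "refuse", and the caller decides whether to
// answer 403 or redirect, as the README's wrong-password setting allows.
function lw_view_logs(string $file, ?string $pwd): ?string
{
    if ($pwd === null || !hash_equals(LW_LOG_PASSWORD, $pwd)) {
        return null;
    }
    $lines = file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) ?: [];
    array_shift($lines); // drop the guard line
    return implode("\n", $lines);
}

// Include at the top of each protected page: scan, log, redirect.
function lw_protect(): void
{
    $type = lw_scan_values($_GET) ?? lw_scan_values($_POST) ?? lw_scan_values($_COOKIE);
    if ($type === null) {
        return;
    }
    lw_log_attack(LW_LOG_FILE, $type,
        $_SERVER['REMOTE_ADDR'] ?? '-',
        $_SERVER['HTTP_USER_AGENT'] ?? '-',
        $_SERVER['REQUEST_URI'] ?? '-');
    header('Location: ' . LW_REDIRECT_TARGET, true, 302);
    exit;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample parameters (not captured traffic): three hits, one
    // clean value and one SQL payload that slips past the toy signatures.
    $samples = [
        'benign'    => ['name' => 'alice'],
        'sqli'      => ['id'   => "1' OR 1=1 --"],
        'traversal' => ['file' => '../../etc/passwd'],
        'rce'       => ['host' => '127.0.0.1; id'],
        'bypass'    => ['id'   => "1' OR 'a'='a"],
    ];
    foreach ($samples as $label => $params) {
        printf("%-10s -> %s\n", $label, lw_scan_values($params) ?? 'no match');
    }
} else {
    lw_protect();
}
```

In this arrangement the viewer page would include the file above (so it is scanned like every other page), call `lw_view_logs(LW_LOG_FILE, $_GET['pwd'] ?? null)`, and on `null` either send a 403 or redirect to `LW_REDIRECT_TARGET`. The `bypass` sample is the point of the README's caveat: `1' OR 'a'='a` contains no digits around the `=`, no `--` and no `union`, so none of the toy patterns fire, and a signature-only filter is a second line of defence behind parameterised queries and output encoding, not a replacement for them.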