
ZIDS V 1.0.1: Zend Framework Intruder Detection System

Version 1.0.1 of ZIDS (Zend Framework Intruder Detection System) has been released. You may download the source code here (Google Code).

If you don’t know yet what ZIDS is, or want to know how it works, please have a look at the manual.

Posted August 9th, 2011.


ZIDS V 0.6.1: Zend Framework Intruder Detection System

Version 0.6.1 of ZIDS (Zend Framework Intruder Detection System) has been released. You may download the source code here (Google Code).

If you don’t know yet what ZIDS is, or want to know how it works, please have a look at the manual.

Posted November 13th, 2010.


ZendCon 2010 Slides

Unfortunately, I didn’t have the time to participate in this year’s ZendCon :-(. For all those of you who had the same problem: here are the slides of the talks. Nearly all of the slides are very interesting for all those of you involved in any kind of web project.

Posted November 9th, 2010.


PHP-IDS Announcement regarding ZIDS

ZIDS (the Zend Framework Intruder Detection System) is a ZF plugin I released a few weeks ago which uses PHP-IDS and enables you to detect attacks against your website and to deal with such attacks, e.g. by logging the attack, by sending an email to the admin, etc.

Today, ZIDS has been mentioned on the official PHP-IDS blog:

ZIDS: an easy to install and use PHPIDS implementation by Christian Koncilia. It ships with a very good manual and clearly is one of the best and most well done PHPIDS ports ever written. If you use the Zend Framework make sure you check out the ZIDS

So, if you are using Zend Framework and if you want to make your web applications more secure, I would be happy if you download and use ZIDS.

Posted November 2nd, 2010.


ZIDS V 0.6.0: Zend Framework Intruder Detection System

The new version of ZIDS (Zend Framework Intruder Detection System) has been released. ZIDS Version 0.6.0 has many new features. Here are some of them:

  • define any number of impact levels
  • actions (log, email, redirect, etc.) are now plugins
  • enables you to implement your own action plugins
  • all parameters for all action plugins may be specified for each impact level or globally
  • new option ‘loglevel’ which defines the level (e.g. ‘ALERT’, ‘EMERG’, …) used when logging a message
  • define which module/controller/action to ignore. If you specify only a module, all requests to this module will be ignored. If you specify a module + controller, all actions in this controller will be ignored

Download Source code

You may download the source code here (Google Code).

If you would like to use SVN to check out the latest version, use the following command: svn checkout http://zids.googlecode.com/svn/trunk/ zids-read-only

What is ZIDS / How-To / Etc.

Please have a look at the manual to see what ZIDS can do for you. There is also technical documentation available.

“Never ever trust user input!” – ZIDS helps you follow this golden rule of programming web applications.

Posted September 13th, 2010.


ZIDS: Zend Framework Intruder Detection System

In one of my last posts I shared some information about PHP-IDS (the PHP Intruder Detection System project) with you. In this article, I would like to share a few lines of code that will enable you to easily integrate PHP-IDS into your Zend Framework project. Furthermore, this little plugin allows you to easily define how to deal with possible attacks (e.g., send an email to the admin, make a log entry, or redirect the attacker to a special page).

Posted September 4th, 2010.


Making Zend Framework Applications More Secure (Part II)

A few days ago I posted an article about how to use PHP-IDS (PHP-Intrusion Detection System) to make Zend Framework applications more secure. Basically, PHP-IDS checks all inputs by applying filter rules and – if a possible attack has been detected – it returns a $result object which you might want to analyze in order to get an indication of the severity of the (potential) attack. Check out the article to find out more details.

Another simple way to make your web application more secure is to use Zend Framework’s (or your own) filters and validators. Before I went online with my first Zend Framework website, something that always bugged me was the question: did I really apply the necessary filters and validators to all form elements? After having some sleepless nights (because I actually wasn’t sure that I applied all necessary filters ;-)) I applied a very simple and straightforward approach.

Posted June 18th, 2010.


Making Zend Framework Applications More Secure (Part I)

Zend Framework already offers mechanisms to build secure web applications, e.g. filters. But why reinvent the wheel? PHP IDS (PHP-Intrusion Detection System) is an open source security layer for your PHP application. This tutorial will show you how to use PHPIDS in your Zend Framework application.

Posted June 13th, 2010.

