Slim 4 Framework
Slim framework is one of my favorites. Since Slim is a mirco framework, implementing Shieldon Firewall is easy as well. Without further ado, let's get started.
Use PHP Composer:
composer require shieldon/shieldon ^2This will also install dependencies built for Shieldon:
- shieldon/psr-http The PSR-7, 15, 17 Implementation with full documented and well tested.
- shieldon/event-dispatcher The simplest event dispatcher.
- shieldon/web-security The collection of functions about web security.
- shieldon/messenger The collection of modules of sending message to third-party API or service, such as Telegram, Line, RocketChat, Slack, SendGrid, MailGun and more...
You can create a middleware by yourself or just use the integration class.
Example:
class FirewallMiddleware
{
/**
* Example middleware invokable class
*
* @param ServerRequest $request PSR-7 request
* @param RequestHandler $handler PSR-15 request handler
*
* @return Response
*/
public function __invoke(Request $request, RequestHandler $handler): Response
{
$response = $handler->handle($request);
$firewall = new \Shieldon\Firewall\Firewall($request, $response);
// The directory in where Shieldon Firewall will place its files.
$firewall->configure(__DIR__ . '/../cache/shieldon_firewall');
$response = $firewall->run();
if ($response->getStatusCode() !== 200) {
$httpResolver = new \Shieldon\Firewall\HttpResolver();
$httpResolver($response);
}
return $response;
}
}For example, if you are using Slim 4 framework, the code should look like this.
Example:
$app->add(new FirewallMiddleware());Or, if you perfer to use the integration class, here is the code.
Example:
$app->add(new \Shieldon\Firewall\Integration\Slim4);For example, if you are using Slim 4 framework, the code should look like this. Then you can access the URL https://yourwebsite.com/firewall/panel/ to login to control panel.
Example:
$app->any('/firewall/panel[/{params:.*}]', function (Request $request, Response $response, $args) {
$firewall = new \Shieldon\Firewall\Firewall($request);
// The directory in where Shieldon Firewall will place its files.
// Must be the same as firewallMiddleware.
$firewall->configure(__DIR__ . '/../cache/shieldon_firewall');
// The base url for the control panel.
$firewall->controlPanel('/firewall/panel/');
$panel = new \Shieldon\Firewall\Panel();
// Begin - Need to set up CSRF fields if you have enabled Slim-CSRF
$csrf = new \Slim\Csrf\Guard();
$nameKey = $csrf->getTokenNameKey();
$valueKey = $csrf->getTokenValueKey();
$csrfName = $request->getAttribute('csrf_name');
$csrfVale = $request->getAttribute('csrf_value');
$panel->csrf(
[$nameKey => $csrfName],
[$valueKey => $csrfVale]
);
// End - Slim-CSRF
$panel->entry();
});Note:
- The HTTP method
POSTandGETboth should be applied to your website. -
POSTmethod is needed for solving CAPTCHA by users who were temporarily blocked.
That's it.
You can access the Firewall Panel by /firewall/panel/, to see the page, go to this URL in your browser.
https://yourwebsite.com/firewall/panel/The default login is shieldon_user and password is shieldon_pass. After logging in the Firewall Panel, the first thing you need to do is to change the login and password.
Shieldon Firewall will start watching your website if it get enabled in Deamon setting section, make sure you have set up the settings correctly.
- Author: Terry L. from Taiwan.
- Website: shieldon.io
- GitHub repository: github.com/terrylinooo/shieldon
- WordPress plugin: wordpress.org/plugins/wp-shieldon/
Docs: Laravel, Symfony, CodeIgniter, CakePHP, Yii, Zend, Slim, Fat-Free, Fuel, PHPixie