Extension:PhpIds

From MediaWiki.org
Jump to: navigation, search
MediaWiki extensions manual
Crystal Clear action run.png
PhpIds

Release status: experimental

Implementation User activity, Special page, Database
Description This extension aims at integrating PHPIDS as IDS and IPS into MediaWiki
Author(s) (DocSnydertalk)
Latest version 0.2 (27.09.2010)
MediaWiki 1.15, 1.16
PHP 5.2
License GPL
Download https://trac.mni.fh-giessen.de/trac/HMW_SS10/

Translate the PhpIds extension if it is available at translatewiki.net

Check usage and version matrix; code metrics

What can this extension do?[edit | edit source]

This extension integrates PHPIDS as intrusion detection and prevention system for MediaWiki.

It provides the IDS together with an administration interface and some statistic views.

Usage[edit | edit source]

The extension comes with a predefined set of rules (defaults from phpids.org).

After installing, the following thresholds for impact values can be set:

  • Loglimit: log the user action
  • Warnlimit: warn the user, that his actions are being watched
  • Logoutlimit: logs the user out and stops his action
  • Banlimit: bans the user from this wiki

Download instructions[edit | edit source]

Get the extension at https://trac.mni.fh-giessen.de/trac/HMW_SS10/wiki

Installation[edit | edit source]

Add the directory /extensions/PhpIds from the svn repository to your wiki.

Code changes[edit | edit source]

To activate this extension, add the following to LocalSettings.php:

// Load PHPIDS as first extension
require_once( "$IP/extensions/PhpIds/phpids.php" );

Add the following code to index.php for full features, otherwise only basic impact logging will be done.

if ($phpidsmw->preCheck($phpips, $wgOut, $wgUser, $wgRequest)) {
	$mediaWiki->initialize( $wgTitle, $wgArticle, $wgOut, $wgUser, $wgRequest ); // MediaWiki Version 1.15
	//$mediaWiki->performRequestForTitle( $wgTitle, $wgArticle, $wgOut, $wgUser, $wgRequest ); // MediaWiki Version 1.16
}
 
$phpidsmw->postCheck($wgOut, $wgUser);

This replaces the usual call of $mediaWiki->initialize or $mediaWiki->performRequestForTitle. If you see your articles displayed twice, make sure you don't call initialize / performRequest twice.

Database[edit | edit source]

The following database tables need to be created:

  • phpids_options - stores options that can be configured via the admin interface.
  • phpids_rules and phpids_rules_values
  • phpids_cache - for DB caching
  • phpids_intrusions - single intrusions
  • phpids_aggressor - for per-user and per-ip statistics
  • phpids_suhosin_log - optional, if you want to see suhosin messages via the web interface

You can find the necessary sql statements in the file install.sql. Note that you may have to prepend the prefix for your wiki while installing the tables.

Configuration parameters[edit | edit source]

The extension takes basic parameters from IDS/Config/Config.ini.php as defaults. These settings are overwritten by any options stored in DB (phpids_options) via the admin interface.

User rights[edit | edit source]

No new user rights are added. The IDS can be administrated by every SysAdmin with "editinterface" rights.

(Would it be better to introduce a new right "phpidsadmin"?)