Extension:PhpIds
 Release status: experimental |
|
|---|---|
| Implementation | User activity, Special page, Database |
| Description | This extension aims at integrating PHPIDS as IDS and IPS into MediaWiki |
| Last version | 0.2 (27.09.2010) |
| MediaWiki | 1.15, 1.16 |
| PHP | 5.2 |
| License | GPL |
| Download | https://trac.mni.fh-giessen.de/trac/HMW_SS10/ |
|
Check usage (experimental) |
|
Contents |
[edit] What can this extension do?
This extension integrates PHPIDS as intrusion detection and prevention system for MediaWiki.
It provides the IDS together with an administration interface and some statistic views.
[edit] Usage
The extension comes with a predefined set of rules (defaults from phpids.org).
After installing, the following thresholds for impact values can be set:
- Loglimit: log the user action
- Warnlimit: warn the user, that his actions are being watched
- Logoutlimit: logs the user out and stops his action
- Banlimit: bans the user from this wiki
[edit] Download instructions
Get the extension at https://trac.mni.fh-giessen.de/trac/HMW_SS10/wiki
[edit] Installation
Add the directory /extensions/PhpIds from the svn repository to your wiki.
[edit] Code changes
To activate this extension, add the following to LocalSettings.php:
// Load PHPIDS as first extension require_once( "$IP/extensions/PhpIds/phpids.php" );
Add the following code to index.php for full features, otherwise only basic impact logging will be done.
if ($phpidsmw->preCheck($phpips, $wgOut, $wgUser, $wgRequest)) { $mediaWiki->initialize( $wgTitle, $wgArticle, $wgOut, $wgUser, $wgRequest ); // MediaWiki Version 1.15 //$mediaWiki->performRequestForTitle( $wgTitle, $wgArticle, $wgOut, $wgUser, $wgRequest ); // MediaWiki Version 1.16 } $phpidsmw->postCheck($wgOut, $wgUser);
This replaces the usual call of $mediaWiki->initialize or $mediaWiki->performRequestForTitle. If you see your articles displayed twice, make sure you don't call initialize / performRequest twice.
[edit] Database
The following database tables need to be created:
- phpids_options - stores options that can be configured via the admin interface.
- phpids_rules and phpids_rules_values
- phpids_cache - for DB caching
- phpids_intrusions - single intrusions
- phpids_aggressor - for per-user and per-ip statistics
- phpids_suhosin_log - optional, if you want to see suhosin messages via the web interface
You can find the necessary sql statements in the file install.sql. Note that you may have to prepend the prefix for your wiki while installing the tables.
[edit] Configuration parameters
The extension takes basic parameters from IDS/Config/Config.ini.php as defaults. These settings are overwritten by any options stored in DB (phpids_options) via the admin interface.
[edit] User rights
No new user rights are added. The IDS can be administrated by every SysAdmin with "editinterface" rights.
(Would it be better to introduce a new right "phpidsadmin"?)
