Symfony
Symfony is a set of reusable PHP components and a PHP framework used to build web applications, APIs, microservices, and web services.
This guide has been tested successfully in version 4.3, but it should work with older versions as well.
Symfony doesn't have a middleware concept, therefore you can create a parent controller to implement Shieldon Firewall just like the steps in our CodeIgniter guide.
If you don't like to initialize Shieldon Firewall in a parent controller, you can follow the Bootstrap mode steps provided below.
Installation
Use PHP Composer:
composer require shieldon/shieldonThis will also install dependencies required for Shieldon:
- shieldon/psr-http The PSR-7, 15, 17 Implementation with full documentation and extensive testing.
- shieldon/event-dispatcher The simplest event dispatcher.
- shieldon/web-security A collection of functions related to web security.
- shieldon/messenger A collection of modules for sending messages to third-party APIs or services, such as Telegram, Line, RocketChat, Slack, SendGrid, MailGun, and more.
Implementing
Bootstrap
1. Before initializing Kernel
In your config/bootstrap.php, after this line:
require dirname(__DIR__).'/vendor/autoload.php';Add the following code:
Example:
/*
|--------------------------------------------------------------------------
| Run The Shieldon Firewall
|--------------------------------------------------------------------------
|
| Shieldon Firewall will watch all HTTP requests coming to your website.
*/
if (isset($_SERVER['REQUEST_URI'])) {
// This directory must be writable.
$storage = __DIR__ . '/../storage/shieldon';
$firewall = new \Shieldon\Firewall\Firewall();
$firewall->configure($storage);
// The base url for the control panel.
$firewall->controlPanel('/firewall/panel/');
$response = $firewall->run();
if ($response->getStatusCode() !== 200) {
$httpResolver = new \Shieldon\Firewall\HttpResolver();
$httpResolver($response);
}
}2. Define a Route for Firewall Panel
Create a controller named FirewallPanelController by running the following command.
Example:
php bin/console make:controller FirewallPanelControllerAdd the following lines in the FirewallPanelController controller class:
Example:
$panel = new \Shieldon\Firewall\Panel();
$panel->entry();If you have CSRF enabled, add these lines:
Example:
$csrf = $this->container->get('security.csrf.token_manager');
$token = $csrf->refreshToken('key');The full example will look like this:
Example:
<?php
namespace App\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Routing\Annotation\Route;
class FirewallPanelController extends AbstractController
{
/**
* @Route("/firewall/panel/", name="firewall_panel")
*/
public function panel()
{
$panel = new \Shieldon\Firewall\Panel();
// If your have `symfony/security-csrf` installed.
$csrf = $this->container->get('security.csrf.token_manager');
$token = $csrf->refreshToken('key')->getValue();
$panel->csrf(['_token' => $token]);
$panel->entry();
exit;
}
/**
* @Route("/firewall/panel/{class}/{method}", name="firewall_panel_page")
*/
public function page()
{
$this->panel();
}
}That's it.
You can access the Firewall Panel by /firewall/panel, to see the page, go to this URL in your browser.
Control Panel
https://yourwebsite.com/firewall/panelThe default login is shieldon_user, and the password is shieldon_pass. After logging into the Firewall Panel, the first thing you should do is change the login and password.
If Shieldon Firewall is enabled in the Daemon setting section, it will start monitoring your website. Make sure you have correctly set up the settings.