CakePHP

CakePHP is a widely used open-source web framework that follows the MVC architectural pattern. It is highly regarded within the PHP community and offers a range of features and tools for building web applications.

This guide has been tested successfully in version 3.8 of CakePHP. However, it should also be applicable to older versions of the framework.

Firewall in CakePHP Framework

Installation

Use PHP Composer:

composer require shieldon/shieldon

This will also install dependencies required for Shieldon:

shieldon/psr-http The PSR-7, 15, 17 Implementation with full documentation and extensive testing.
shieldon/event-dispatcher The simplest event dispatcher.
shieldon/web-security A collection of functions related to web security.
shieldon/messenger A collection of modules for sending messages to third-party APIs or services, such as Telegram, Line, RocketChat, Slack, SendGrid, MailGun, and more.

Implementing

CakePHP 3

Step 1 and step 2 are applied to the same file located at /config/route.php.

Both step 1 and step 2 involve modifying the same file located at /config/routes.php. Therefore, you will need to perform the following steps within that file:

Open the /config/routes.php file.
Locate the section where you define your application routes.
Implement the changes described in step 1 and step 2 according to the provided instructions.
Save the changes to the /config/routes.php file.

By following these steps, you will ensure that both modifications are made to the appropriate file.

1. Register a Middleware

A middleware for CakePHP here is ready for you. Just register it on your application.

Example:

/**
 * Apply Shieldon Firewall tp the current route scope.
 */
$routes->registerMiddleware(
    'firewall',
    new \Shieldon\Firewall\Integration\CakePhp()
);

$routes->applyMiddleware('firewall');

2. Define a Route for Firewall Panel

Example:

/**
 * Define the route for the firewall panel.
 */
$routes->connect('/firewall/panel/', [
    'controller' => 'FirewallPanel',
    'action' => 'entry'
]);

3. Create a Controller for Firewall Panel

Create a controller named FirewallPanelController and add the following code to it.

Example:

$panel = new \Shieldon\Firewall\Panel();
$panel->entry();
exit;

If you have CSRF enabled, add these lines:

Example:

$panel->csrf(
    '_csrfToken',
    $this->request->getParam('_csrfToken')
);

The full example will look like this:

Example:

<?php

namespace App\Controller;

class FirewallPanelController extends AppController
{
    /**
     * This is the entry of our Firewall Panel.
     */
    public function entry()
    {
        // Get into the Firewall Panel.
        $panel = new \Shieldon\Firewall\Panel();

        $panel->csrf([
            '_csrfToken' => $this->request->getParam('_csrfToken')
        ]);

        $panel->entry();
        exit;
    }
}

That's it.

You can access the Firewall Panel at /firewall/panel. To view the page, open this URL in your browser.

Controll Panel

https://for.example.com/firewall/panel

The default login is shieldon_user, and the password is shieldon_pass. After logging into the Firewall Panel, the first thing you should do is change the login and password.

If Shieldon Firewall is enabled in the Daemon setting section, it will start monitoring your website. Make sure you have set up the settings correctly.