CodeIgniter

CodeIgniter is a light-weight MVC framework. I talk the CodeIgniter 3 first because that Its version 4 has extreme differences from the early versions.

In this guide, I will share with you the tips for implementing Shieldon Firewall on your CodeIgniter application.

Firewall in CodeIgniter Framework

Installation

Use PHP Composer:

composer require shieldon/shieldon

Or, download it and include the Shieldon autoloader.

require 'Shieldon/autoload.php';

Implementing

CodeIgniter 3

CodeIgniter 3 has a super singleton instance called CI_Controller that handles its MVC (Model-View-Controller) architectural pattern.

I highly recommend you create the MY_Controller in the core folder as the Parent Controller and then put the initial code into it.

1. MY_Controller

Let's create a MY_Controller.php in the core folder.

class Core_Controller extends CI_Controller
{
    /**
     * Constructor.
     */
    public function __construct()
    {
        parent::__construct();
    }
}

2. Initialize Firewall instance

Put the initial code in the constructor so that any controller extends MY_Controller will have Shieldon Firewall initialized and $this->firewall() method ready.

class MY_Controller extends CI_Controller
{
    /**
     * Constructor.
     */
    public function __construct()
    {
        parent::__construct();

        // Composer autoloader
        require_once APPPATH . '../vendor/autoload.php';

        // This directory must be writable.
        $storage =  APPPATH . 'cache/shieldon';
        $firewall = new \Shieldon\Firewall($storage);
    }

    /**
     * Shieldon Firewall protection.
     */
    public function firewall()
    {
        $firewall = \Shieldon\Container::get('firewall');
        $firewall->run();
    }
}

Reminder

For the best security, both the system and application folders should be placed above web root so that they are not directly accessible via a browser.

If your application folder is in the same level with index.php, please move the $storage to a safe place. For example:

$storage =  APPPATH . '../shieldon';

3. Defind a Controller for Firewall Panel.

We need a controller to get into Shieldon firewall controll panel, in this example, we defind a controller named Example.

class Example extends MY_Controller
{
    /**
     * Constructor.
     */
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * This is the entry of our Firewall Panel.
     */
    public function ControllPanel()
    {
        // Get Firewall instance from Shieldon Container.
        $firewall = \Shieldon\Container::get('firewall');

        // Get into the Firewall Panel.
        $controlPanel = new \Shieldon\FirewallPanel($firewall);
        $controlPanel->entry();
    }
}

Now, you can access the Firewall Panel via URL:

http://yoursite.com/example/controllPanel/

Shieldon Firewall will start watching your website if it get enabled in Deamon setting section.

CodeIgniter 4

1. Register a Filter.

In your app/Config/Filter.php, add the following code to the $aliases property.

'firewall' => \Shieldon\Integration\CodeIgniter\CI4Middleware::class,

And then, add the string firewall to the $globals property, before array.

public $globals = [
    'before' => [
        'firewall'
    ],
];

2. Defind a Controller for Firewall Panel.

<?php 

namespace App\Controllers;

class FirewallPanel extends BaseController
{
    public function index()
    {
        // Get Firewall instance from Shieldon Container.
        $firewall = \Shieldon\Container::get('firewall');

        // Get into the Firewall Panel.
        $controlPanel = new \Shieldon\FirewallPanel($firewall);
        $controlPanel->csrf(csrf_token(), csrf_hash());
        $controlPanel->entry();
    }
}

That's it.

You can access the Firewall Panel by /firewallPanel, to see the page, go to this URL in your browser.

https://for.example.com/firewallPanel

The default login is shieldon_user and password is shieldon_pass. After logging in the Firewall Panel, the first thing you need to do is to change the login and password.

Shieldon Firewall will start watching your website if it get enabled in Deamon setting section, make sure you have set up the settings correctly.