CodeIgniter is a light-weight MVC framework. I talk the CodeIgniter 3 first because that Its version 4 has extreme differences from the early versions.
In this guide, I will share with you the tips for implementing Shieldon Firewall on your CodeIgniter application.
Use PHP Composer:
composer require shieldon/shieldonOr, download it and include the Shieldon autoloader.
require 'Shieldon/autoload.php';CodeIgniter 3 has a super singleton instance called CI_Controller that handles its MVC (Model-View-Controller) architectural pattern.
I highly recommend you create the MY_Controller in the core folder as the Parent Controller and then put the initial code into it.
Let's create a MY_Controller.php in the core folder.
class Core_Controller extends CI_Controller
{
/**
* Constructor.
*/
public function __construct()
{
parent::__construct();
}
}Put the initial code in the constructor so that any controller extends MY_Controller will have Shieldon Firewall initialized and $this->firewall() method ready.
class MY_Controller extends CI_Controller
{
/**
* Constructor.
*/
public function __construct()
{
parent::__construct();
// Composer autoloader
require_once APPPATH . '../vendor/autoload.php';
// This directory must be writable.
$storage = APPPATH . 'cache/shieldon';
$firewall = new \Shieldon\Firewall($storage);
}
/**
* Shieldon Firewall protection.
*/
public function firewall()
{
$firewall = \Shieldon\Container::get('firewall');
$firewall->run();
}
}Reminder
For the best security, both the system and any application folders should be placed above web root so that they are not directly accessible via a browser.
If your application folder is in the same level with index.php, please move the $storage to a safe place. For example:
$storage = APPPATH . '../shieldon';We need a controller to get into Shieldon firewall controll panel, in this example, we defind a controller named Example.
class Example extends MY_Controller
{
/**
* Constructor.
*/
public function __construct()
{
parent::__construct();
}
/**
* This is the entry of our Firewall Panel.
*/
public function ControllPanel()
{
// Get Firewall instance from Shieldon Container.
$firewall = \Shieldon\Container::get('firewall');
// Get into the Firewall Panel.
$controlPanel = new \Shieldon\FirewallPanel($firewall);
$controlPanel->entry();
}
}Now, you can access the Firewall Panel via URL:
http://yoursite.com/example/controllPanel/Shieldon Firewall will start watching your website if it get enabled in Deamon setting section.
In your app/Config/Filter.php, add the following code to the $aliases property.
'firewall' => \Shieldon\Integration\CodeIgniter\CI4Middleware::class,And then, add the string firewall to the $globals property, before array.
public $globals = [
'before' => [
'firewall'
],
];<?php
namespace App\Controllers;
class FirewallPanel extends BaseController
{
public function index()
{
// Get Firewall instance from Shieldon Container.
$firewall = \Shieldon\Container::get('firewall');
// Get into the Firewall Panel.
$controlPanel = new \Shieldon\FirewallPanel($firewall);
$controlPanel->csrf(csrf_token(), csrf_hash());
$controlPanel->entry();
}
}That's it.
You can access the Firewall Panel by /firewallPanel, to see the page, go to this URL in your browser.
https://for.example.com/firewallPanel