Yii 2

In this guide, I will provide you with some ideas on how to implement Shieldon Firewall in your Yii application.

Firewall in Yii Framework

Installation

Use PHP Composer:

composer require shieldon/shieldon

This will also install dependencies required for Shieldon:

shieldon/psr-http The PSR-7, 15, 17 Implementation with full documentation and extensive testing.
shieldon/event-dispatcher The simplest event dispatcher.
shieldon/web-security A collection of functions related to web security.
shieldon/messenger A collection of modules for sending messages to third-party APIs or services, such as Telegram, Line, RocketChat, Slack, SendGrid, MailGun, and more.

Implementing

Yii 2

1. Before initializing Kernel

In your public/index.php, before this line:

require __DIR__ . '/../vendor/yiisoft/yii2/Yii.php';

Add the following code:

Example:

/*
|--------------------------------------------------------------------------
| Run The Shieldon Firewall
|--------------------------------------------------------------------------
|
| Shieldon Firewall will watch all HTTP requests coming to your website.
| Running Shieldon Firewall before initializing Yii will avoid possible
| conflicts with Yii's built-in functions.
*/

if (isset($_SERVER['REQUEST_URI'])) {
    $storage = __DIR__ . '/../runtime/shieldon';

    $firewall = new \Shieldon\Firewall\Firewall();
    $firewall->configure($storage);

    // The base url for the control panel.
    $firewall->controlPanel('/firewall/panel/');

    $response = $firewall->run();

    if ($response->getStatusCode() !== 200) {
        $httpResolver = new \Shieldon\Firewall\HttpResolver();
        $httpResolver($response);
    }
}

2. Define a Route for Firewall Panel

Create a controller named FirewallPanelController.

Example:

<?php

namespace app\controllers;

use yii\web\Controller;

class FirewallController extends Controller
{
    public function beforeAction($action)
    {
        $this->enableCsrfValidation = false;

        return parent::beforeAction($action);
    }

    /**
     * The entry point of the Firewall Panel.
     *
     * @return string
     */
    public function actionPanel()
    {
        $panel = new \Shieldon\Firewall\Panel();
        $panel->entry();
    }
}

Make sure that enablePrettyUrl is set to true in your config/web.php file.

Example:

'urlManager' => [
    'enablePrettyUrl' => true,
    'showScriptName' => false,
    'rules' => [
        'firewall/panel/' => 'firewall/panel',
        'firewall/panel/<slug:.*>' => 'firewall/panel',
    ],
],

That's it.

You can access the Firewall Panel by visiting /firewall-panel in your browser.

Controll Panel

https://yourwebsite.com/firewall-panel

The default login is shieldon_user, and the password is shieldon_pass. After logging into the Firewall Panel, the first thing you should do is change the login and password.

If Shieldon Firewall is enabled in the Daemon setting section, it will start monitoring your website. Make sure you have correctly set up the settings.