'".$searchfor."'"; break; default: $query_err = TRUE; break; } if (isset($query_err) && $query_err === TRUE && $_POST['searchfor'] != "") { echo ("Can't run query, some Parameters where corrupt or Missing. Please retry!"); } else { $idsquery .= " ORDER BY t1.id DESC "; (ctype_digit($_POST['limit']) && $_POST['limit'] !== 0)? $idsquery .= " LIMIT 0,".$_POST['limit'] : $idsquery .= " LIMIT 0, 25"; $wpdb =& $GLOBALS['wpdb']; $result = $wpdb->get_results($idsquery, ARRAY_A); echo ""; if ($result !=NULL) { $rowNum = 0; foreach ($result as $row) { $tag = (trim($row['tag']) != "")? ereg_replace("['\"<>]", "", $row[tag]): $attackedfields[$row['type']]; $row['impact'] = ($row['impact'] == NULL)? "-" : (int) $row['impact']; echo "\n"; $rowNum++; } } else { echo ("

ID	Value	Tag	Page	IP	Impact	Time
".(int) $row[id_org]."	". ereg_replace("['\"<>]", "", $row[value])."	".$tag."	". substr(ereg_replace("['\"<>]", "", $row[page]), 0, 30)."...	".ereg_replace("['\"<>]", "", $row[ip]). "	".$row[impact]."	".ereg_replace("['\"<>]", "", $row[date])."

No entries found for your criteria!"); } } } else { ?>

WPIDS with PHPIDS v0.4.7

By Gareth Heyes, Philipp Heinze & Mario Heiderich

WPIDS utilizes the PHPIDS for protecting your blog.

This plugin checks all input parameters against a highly tested rule set against attack patterns. If PHPIDS detects some suspicious input the request will be blocked and logged to protect you and your blog from possible harm.

Any bad request is given an impact - with height depending on the severity of the detected attack patterns. This impact allows you to control how WPIDS works for you. Check out the settings below...

Attention:

Your need at least PHP version 5.1.6 or greater (your version: ), therefore it's not possible to use PHPIDS. WPIDS runs now only with a subset of features, so many attacks may remian undetected. Please consider to upgrade to the latest PHP version to benefit from all security features of that plugin.

You can grab the latest copy from:PHP.net

>Filter rules:

Options

WPIDS:

Send an Email to: " size="20" maxlength="">

Maximum impact to ignore bad requests: " size="3">

Minimum impact to sanitize bad requests: " size="3">

Minimum impact to send an alert mail:

Minimum impact to block the request: " size="3">

Show latest: " size="3"> bad requests below

Keep log entries if WPIDS gets disabled: >

Log blocked intrusions to database: >

Use JSON filter rules (may increase performance a little bit): >

WP Lockdown:

Disable forgotten password features of Wordpress: >

Enable Lockdown Framebreaker (Prevents evil sites from including your site on their domain): >

Disable XML-RPC ability (if you don't use Offline Writers it's recommend to disable XML-RPC requests): >

Last Blocked Bad Requests:

get_results("SELECT t1.id AS id_org, `value`, `tag`, `ip`, `impact`, `date`, `page`, `type` FROM `".$prefix."sec_log` AS t1 LEFT JOIN `" .$prefix."sec_intrusions` AS t2 ON t1.ref_id = t2.id ORDER BY t1.id DESC LIMIT ".get_option("wpids-showlate"), ARRAY_A); if ($records != NULL) { $rowNum = 0; foreach ($records as $row) { $row['impact'] = ($row['impact'] == NULL)? "-" : (int) $row['impact']; $tag = (trim($row['tag']) != "")? ereg_replace("['\"<>]", "", $row['tag']): $attackfields[$row['type']]; echo "\n"; $rowNum++; } } else { echo (""); } ?>

ID	Value	Tag	Page	IP	Impact	Time
".(int) $row[id_org]."	". ereg_replace("['\"<>]", "", $row[value])."	".$tag."	". substr(ereg_replace("['\"<>]", "", $row[page]), 0, 30)."...	".ereg_replace("['\"<>]", "", $row[ip]). "	".$row[impact]."	".ereg_replace("['\"<>]", "", $row[date])."
No Intrusions where logged yet, congrats!

Legend:

Name Values: COOKIE - Bad Value within $_COOKIE Array, GET - Bad Value within $_GET Array, POST - Bad Value within $_POST Array, REQUEST - Bad Value within $_REQUEST Array, SERVER RURI - Bad Value in $_SERVER[REQUEST_URI] SERVER REF - Bad Value in $_SERVER[HTTP_REFERER]