This project is not covered by Drupal’s security advisory policy.
This module adds a security layer to Drupal based on PHPIDS http://www.phpids.org.
With a defined set of rules, it tries to detect malicious input from (anonymous) users - it does not strip, filter or sanitize the input. It logs directly to watchdog or syslog (if enabled), so you have a clear view on who's trying to break your site. It can send out a mail after a certain level of impact has been reached or display the user a blocking page thus making his action completely worthless. Although the functionallity is there to redirect users after a certain impact.
This module is currently beeing rewritten - See main issue for current state:
ATTENTION for 7.x-2.0
- The 7.x-2.0 is in an early development state. Only for testing purposes.
- Currently there is NO UPGRADE PATH from a lower version of the PHPIDS module.
- DO NOT USE ON PRODUCTIVE SITES.
- Maintenance status: Actively maintained
- Development status: Under active development
- Module categories: Security, Third-party Integration
- Reported installs: 136 sites currently report using this module. View usage statistics.
- Downloads: 11,901
- Last modified: December 2, 2014
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.