This project is not covered by Drupal’s security advisory policy.

This module adds a security layer to Drupal based on PHPIDS

With a defined set of rules, it tries to detect malicious input from (anonymous) users - it does not strip, filter or sanitize the input. It logs directly to watchdog or syslog (if enabled), so you have a clear view on who's trying to break your site. It can send out a mail after a certain level of impact has been reached or display the user a blocking page thus making his action completely worthless. Although the functionallity is there to redirect users after a certain impact.

This module is currently beeing rewritten - See main issue for current state: #1726730: PHPIDS integration rewrite Sprint tasks

ATTENTION for 7.x-2.0

  • The 7.x-2.0 is in an early development state. Only for testing purposes.
  • Currently there is NO UPGRADE PATH from a lower version of the PHPIDS module.

Sponsored by

Project Information