An integrated protection and intrusion detection component for Joomla 1.5+
We wrote a PHP script that monitors changes to Joomla's own files and to the files of its extensions. When run, the script scans all files of the site and displays a report of changes to existing Joomla and extension files, as well as any new files that have appeared.
On the first run, you create a reference "snapshot" of the system. The snapshot is a text file with data on all existing files:
- name;
- location (the folder in which it is stored);
- date of creation;
- date of last modification.
This PHP script can be very useful for detecting unauthorized file changes and the introduction of malicious code.
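The snapshot-and-compare approach described above, shown as an added example that is not the authors' script. The function names are hypothetical, PHP 7 or later is assumed, and the SHA-256 field and the list of deleted files go beyond the four fields listed above.

```php
<?php
// Added example; build_snapshot() and compare_snapshots() are hypothetical names.
function build_snapshot(string $root): array
{
    $root = rtrim(realpath($root), DIRECTORY_SEPARATOR);
    $snapshot = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS));
    foreach ($it as $file) {
        if (!$file->isFile()) { continue; }
        $rel = substr($file->getPathname(), strlen($root) + 1);
        $snapshot[$rel] = [
            'name'   => $file->getFilename(),
            'dir'    => dirname($rel),
            'ctime'  => $file->getCTime(), // inode change time on Unix, creation time on Windows
            'mtime'  => $file->getMTime(),
            'sha256' => hash_file('sha256', $file->getPathname()), // assumption: extra field, catches edits with a reset mtime
        ];
    }
    ksort($snapshot);
    return $snapshot;
}

// Compare the stored reference snapshot with a fresh scan of the same tree.
function compare_snapshots(array $baseline, array $current): array
{
    $report = ['new' => [], 'modified' => [], 'deleted' => []];
    foreach ($current as $path => $meta) {
        if (!isset($baseline[$path])) {
            $report['new'][] = $path;
        } elseif ($meta['sha256'] !== $baseline[$path]['sha256']
               || $meta['mtime'] !== $baseline[$path]['mtime']) {
            $report['modified'][] = $path;
        }
    }
    $report['deleted'] = array_keys(array_diff_key($baseline, $current));
    return $report;
}

// Demo on a constructed temporary tree, so the example runs offline.
$root = sys_get_temp_dir() . '/snapshot_demo_' . uniqid();
mkdir("$root/components", 0700, true);
file_put_contents("$root/index.php", "<?php // original\n");
// First run: reference snapshot, round-tripped through JSON as it would be through a text file.
$baseline = json_decode(json_encode(build_snapshot($root)), true);
file_put_contents("$root/index.php", "<?php // changed\n");
file_put_contents("$root/components/x.php", "<?php // new file\n");
clearstatcache();
print_r(compare_snapshots($baseline, build_snapshot($root)));
```

Keep the reference snapshot outside the scanned tree and not writable by the web server user, otherwise whoever can modify the site files can also rewrite the snapshot.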
We propose to build this solution as an integrated protection and intrusion detection component (for Joomla 1.5+), and to implement the following new features right away.
User registration checking plugin
Checks the user during registration for presence in spam databases and automatically bans spammers, so that their accounts will not even show up in the list of Joomla! users.
Protection from automatic content stealing
Consider a very real situation that could happen.
An attacker points special programs (e.g. Webzip, Teleport) at your site, gets a full copy of it (without the functionality, of course) and places it on his own domain. After this, the attacker actively promotes his site in search engines.
Because of this, at some point search engines begin to perceive his site as the primary one and your site as a copy of it. In the best case, the search engines will assume your site is a mirror of the attacker's site; at worst, a site that stole content. As a result, your site will be disqualified from search engines. Restoring it to its previous state may take up to six months.
To significantly reduce the likelihood of such a situation, protection from automatic copying of content will also be built in.
Protection from spam, search and scanning bots
There are various bots that crawl sites to detect various types of vulnerabilities. For example:
- an outdated version of the Joomla! CMS;
- a vulnerable version of a component;
- write access to certain folders;
- an exposed administrative panel.
There are also various search engines that do not know how to crawl a site considerately, and they often overload the server so heavily that it goes down.
IDoSecurity will block such search and scanning bots.
Protection from most SQL injections
Will block known SQL injections, as well as requests that contain signs of SQL injection. This is implemented with the help of a database of such requests. The component will be able to update the database automatically.
Additional protection against unauthorized access to the administrative panel
Implemented at the server level.
Search for vulnerable folders and configuration files
When configuring the site (after installing or updating anything), administrators often forget to close access to folders and configuration files. The scanner will look for these errors and issue a warning.
Database of Joomla! extension versions
The scanner will check the versions of the extensions installed on the site, compare them with the latest version data and notify about new updates.
We want to implement it all ourselves (we are not looking for a developer). Time: about 3 weeks. I ask for a token grant. The project will be developed within the idoitbetter.org project; I do not see the point in making a separate site for it.