View Single Post
  #16  
Old 26th September 2011, 20:06
ande ande is offline
Junior Member
 
Join Date: Jan 2008
Location: Freiburg, Germany
Posts: 29
Thanks: 5
Thanked 0 Times in 0 Posts
Default

In principle, you are right.

However, I refer to this howto: http://www.howtoforge.com/intrusion-...ns-with-phpids

where a PHP file containing the checks is "prepended" like this:

auto_prepend_file = /var/www/web1/web/phpids.php

...to any php file to be executed (as I understand it) within the context of the vhost.

Wouldnt it be a great thing to "force" clients that their input is filtered via PHPIDS in that way?

According to the Howto, I would maybe able to install PHPIDS for every client / vhost. It would save a lot of effort and could avoid clients tinkering with it when done somewhere elso on a global level.

Piwik has issues with PHPIDS, so when having a pure Piwik install one could turn PHPIDS off...

Thats all I want to ask for...
Reply With Quote