FRED™  3.0
FRED™: Framework for Rapid and Easy Development
Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes
Security Class Reference
Inheritance diagram for Security:
Component Thing

Public Member Functions

 clientConfig ()
 
 addBan ($reason, $delay=null)
 Add a ban reason to the registry. More...
 
 bruteForceDelay ($result, $reason=null, $delay=null)
 Add a brute force reason to the registry. More...
 
 unBan ($addr)
 Unban a client's IP address. More...
 
 server ($name)
 Perform a server check. More...
 
 purge ($days=null)
 Purge the ban registration files. More...
 
 check ($ignore=null, $expected=false)
 Perform all security checks. More...
 
- Public Member Functions inherited from Component
 __construct ($fred, $config=null)
 
 __destruct ()
 
 clientConfig ()
 Public configuration. More...
 
 config ($key, $default=null)
 Retrieve a config value. More...
 
 ping ()
 Ping function. More...
 
 filemtime ($filename)
 Filemtime with session cache. More...
 
 component ($name)
 Get a component (local or default). More...
 
 components (... $names)
 Get multiple components in an array. More...
 
- Public Member Functions inherited from Thing
 propertyExists ($property)
 Check if a property exists (public or published). More...
 
 constants ($prefix=null)
 Return all constants. More...
 
 get ($key)
 Get one or more properties. More...
 
 set ($key, $value=null)
 Set one or more properties. More...
 
 __get ($key)
 
 __set ($key, $value)
 

Data Fields

 $proxies = []
 Proxy white-list (key = proxy IP-address (optionally in CIDR notation), value = header to use. More...
 
 $allowlist = []
 IP-addresses (key; CIDR notation; seperate with semi-colon) to exclude from certain checks. More...
 
 $blocklist = []
 IP-addresses to ban anyhow (array of IP-address, optionally in CIDR notation). More...
 
 $ext = '.ban'
 Extension for ban registration file. More...
 
 $defaultPurgeDays = 14
 Default number of days after which a ban file will be purged. More...
 
 $defaultDelay = 3600
 Default time (seconds) a ban reason stays in the registry. More...
 
 $bruteForceDelay = 10
 Default time (seconds) a brute force check stays in the registry. More...
 
 $banCount = 5
 Number of registrations that will get you banned. More...
 
 $server = []
 Server checks configuration (key = name, value = config as assoc.array). More...
 
- Data Fields inherited from Component
 $filemtimeTtl = 0
 
- Data Fields inherited from Thing
const HIDDEN = 0
 Property is hidden. More...
 
const READABLE = 1
 Property is readable. More...
 
const WRITEABLE = 2
 Property is writeable. More...
 
const READWRITE = 3
 Property is readable and writeable. More...
 

Protected Member Functions

 filename ($addr)
 
 hasBan ()
 
 countBan ()
 
 writeBan ($reason, $time)
 
 getBanned ()
 
 getChecks ()
 
 getFilename ()
 
 getPath ()
 
 getRemoteAddr ()
 
- Protected Member Functions inherited from Component
 init ()
 
 done ()
 
 getSession ()
 
- Protected Member Functions inherited from Thing
 publish ($property, $visibility=self::READABLE)
 Publish a property (or hide it again). More...
 
 configure ($config)
 Configure the object. More...
 
 _get ($key)
 Default getter if no specific setter is defined, and the property is also not published (readable). More...
 
 _set ($key, $value)
 Default setter if no specific setter is defined, and the property is also not published (writeable). More...
 

Protected Attributes

 $_path = null
 Path to store the ban registration files (temp path if empty). More...
 
 $_checks = null
 Available checks (key = name, value = \Rsi\Fred\Security\Check). More...
 
 $_remoteAddr = null
 True IP-address of the client client (optionally behind a white-listed proxy). More...
 
 $_filename = null
 
 $_banned = null
 
- Protected Attributes inherited from Component
 $_fred = null
 
 $_config = null
 
 $_name = null
 
 $_components = []
 Local components (key = component name, value = component). More...
 
 $_session = null
 
- Protected Attributes inherited from Thing
 $_published = []
 Published properties (key = name of property, value = visibility). More...
 

Detailed Description

Definition at line 5 of file Security.php.

Member Function Documentation

◆ addBan()

addBan (   $reason,
  $delay = null 
)

Add a ban reason to the registry.

Parameters
string$reasonName of reason.
int$delayTime (seconds) the reason should stay in the registry (empty = use default).
Returns
bool True when successful (null if the reason was on the allowlist).

Definition at line 53 of file Security.php.

◆ bruteForceDelay()

bruteForceDelay (   $result,
  $reason = null,
  $delay = null 
)

Add a brute force reason to the registry.

Parameters
bool$resultWhether the request was OK or not (only negative results get registered; however, positive results with a non-empty registry will be delayed too - this prevents attackers from interrupting a request after a small amount of time).
string$reasonName of reason.
int$delayTime (seconds) the reason should stay in the registry (empty = default).

Definition at line 74 of file Security.php.

◆ check()

check (   $ignore = null,
  $expected = false 
)

Perform all security checks.

Parameters
array | bool$ignoreChecks to ignore (true = all).
bool$expectedTrue if this is an expected call.
Returns
bool True if all checks are fine.

Definition at line 117 of file Security.php.

◆ clientConfig()

clientConfig ( )

Definition at line 26 of file Security.php.

◆ countBan()

countBan ( )
protected

Definition at line 40 of file Security.php.

◆ filename()

filename (   $addr)
protected

Definition at line 32 of file Security.php.

◆ getBanned()

getBanned ( )
protected

Definition at line 157 of file Security.php.

◆ getChecks()

getChecks ( )
protected

Definition at line 179 of file Security.php.

◆ getFilename()

getFilename ( )
protected

Definition at line 190 of file Security.php.

◆ getPath()

getPath ( )
protected

Definition at line 195 of file Security.php.

◆ getRemoteAddr()

getRemoteAddr ( )
protected

Definition at line 200 of file Security.php.

◆ hasBan()

hasBan ( )
protected

Definition at line 36 of file Security.php.

◆ purge()

purge (   $days = null)

Purge the ban registration files.

Parameters
int$daysNumber of days after which a file should be purged (defaultPurgeDays when null)
Returns
int Number of files purged.

Definition at line 104 of file Security.php.

◆ server()

server (   $name)

Perform a server check.

Parameters
string$nameName of the check.
Returns
mixed Whatever the check returned

Definition at line 93 of file Security.php.

◆ unBan()

unBan (   $addr)

Unban a client's IP address.

Parameters
string$addr
Returns
bool True if the ban was successful deleted.

Definition at line 83 of file Security.php.

◆ writeBan()

writeBan (   $reason,
  $time 
)
protected

Definition at line 44 of file Security.php.

Field Documentation

◆ $_banned

$_banned = null
protected

Definition at line 24 of file Security.php.

◆ $_checks

$_checks = null
protected

Available checks (key = name, value = \Rsi\Fred\Security\Check).

Definition at line 20 of file Security.php.

◆ $_filename

$_filename = null
protected

Definition at line 23 of file Security.php.

◆ $_path

$_path = null
protected

Path to store the ban registration files (temp path if empty).

Definition at line 19 of file Security.php.

◆ $_remoteAddr

$_remoteAddr = null
protected

True IP-address of the client client (optionally behind a white-listed proxy).

Definition at line 22 of file Security.php.

◆ $allowlist

$allowlist = []

IP-addresses (key; CIDR notation; seperate with semi-colon) to exclude from certain checks.

Definition at line 9 of file Security.php.

◆ $banCount

$banCount = 5

Number of registrations that will get you banned.

Definition at line 16 of file Security.php.

◆ $blocklist

$blocklist = []

IP-addresses to ban anyhow (array of IP-address, optionally in CIDR notation).

Definition at line 11 of file Security.php.

◆ $bruteForceDelay

$bruteForceDelay = 10

Default time (seconds) a brute force check stays in the registry.

Definition at line 15 of file Security.php.

◆ $defaultDelay

$defaultDelay = 3600

Default time (seconds) a ban reason stays in the registry.

Definition at line 14 of file Security.php.

◆ $defaultPurgeDays

$defaultPurgeDays = 14

Default number of days after which a ban file will be purged.

Definition at line 13 of file Security.php.

◆ $ext

$ext = '.ban'

Extension for ban registration file.

Definition at line 12 of file Security.php.

◆ $proxies

$proxies = []

Proxy white-list (key = proxy IP-address (optionally in CIDR notation), value = header to use.

Definition at line 7 of file Security.php.

◆ $server

$server = []

Server checks configuration (key = name, value = config as assoc.array).

Definition at line 17 of file Security.php.

The documentation for this class was generated from the following file: