This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive)
You can use this module by including "iosec.php" to any PHP file which wants to be protected.
You can test module here: http://www.iosec.org/test.php (demo)
Watch the Proof of Concept video: http://goo.gl/dSiAL
Read the Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/1dcA9 (and http://goo.gl/VC9B6)
Wordpress Plugin Page http://goo.gl/nF5nD
- Iptables Auto Ban Bash Script Included
- Token Access via Implicit Deny
- Connection Limit Support
- Whitelist Support
- Reverse Proxy Support
- reCAPTCHA Support
Do you want more features? Check for third party addons http://sf.net/projects/iosecaddons
- This is a unique project and it is the world's first web application flood guard script.
- At web application (scripting) level you can,
- - Block proxies. (only via HTTP header)
- - Detect flooding IP addresses.
- - Slow down or restrict access for automated tools (HTTP flood, brute force tools, vulnerability scanners, etc.)
- - Save your server & backend infrastructure resources (database, cpu, ram, etc.) under an attack.
- - Restrict access permanently or temporarily for listed IP addresses in "banlist" file.
- - Notify yourself via email alerts when attacks begin.
- - Implicit deny for DoS/DDoS attacks
- In 2 months, more than 1000 downloads now, thank you.
this might sound silly but how do i implement this on my machine? can i use it to protect an apache server? yer? HOW??!! if its possible to send me reply by emailing firstname.lastname@example.org plz
nice security tool for preventing and detecting bad-guys.
iosec works perfectly, thanks
Reliable and runs smoothly