This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive)
You can use this module by including "iosec.php" to any PHP file which wants to be protected.
You can test module here: http://www.iosec.org/test.php (demo)
Watch the Proof of Concept video: http://goo.gl/dSiAL
Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN)
IJNSA Article at http://goo.gl/LLxRdX
WP Plugin Page http://goo.gl/nF5nD
- Iptables Auto Ban Bash Script Included
- Token Access via Implicit Deny
- Reverse Proxy Support
- reCAPTCHA Support
IOSEC is used by over 15.000 sites in 2013!
Do you want more features? Check for third party addons http://sf.net/projects/iosecaddons
- This is a unique project and it is the world's first web application flood guard script.
- At web application (scripting) level you can,
- - Block proxies. (only via HTTP header)
- - Detect flooding IP addresses.
- - Slow down or restrict access for automated tools (HTTP flood, brute force tools, vulnerability scanners, etc.)
- - Save your server & backend infrastructure resources (database, cpu, ram, etc.) under an attack.
- - Restrict access permanently or temporarily for listed IP addresses in "banlist" file.
- - Notify yourself via email alerts when attacks begin.
- - Implicit deny for DoS/DDoS attacks
- - Integrate it with CloudFlare, Firewall, Iptables, etc.
- - Reduce attack surface at OSI Layer 7.
- In 2 months, more than 1000 downloads now, thank you.
- Don't forget to read articles about IOSEC (links above) to learn what it does precisely.
İlk demişsin ama 10 sene önce Floodgate isimli bir proje vardı ya araştırmamışsın yada sana yakıştıramayacağım bir başarı hırsızlığı yapıyorsun.
this might sound silly but how do i implement this on my machine? can i use it to protect an apache server? yer? HOW??!! if its possible to send me reply by emailing firstname.lastname@example.org plz
nice security tool for preventing and detecting bad-guys.
iosec works perfectly, thanks