The PHP RASP Extension is a sophisticated security module developed to enhance server and application security. This extension, written in C for PHP 8.3, monitors and logs potentially dangerous PHP function calls, providing an extra layer of security. It can be particularly useful for untrusted environments such as shared webhosting environments.
Key features include:
- Intercepting, blocking, and logging malicious PHP functions
- Compatibility with PHP 7.x and 8.x environments
- Robust command blacklist that checks arguments
- Hashing file callers within each log entry
- A front-end log viewer for real-time monitoring
The module supports various PHP environments, including PHP-FPM with Nginx, Apache with mod_php, CGI/FastCGI, and CLI, ensuring versatile deployment options.
This project demonstrates my expertise in low-level programming, security, and PHP internals. It showcases my ability to create robust security solutions that integrate seamlessly with existing web infrastructures.
For more details, visit the GitHub repository.