Christian Matthies aka. christ1an has announced the first public release of the so called PHPIDS which was written by him, Mario Heiderich and Lars Strojny.

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.

It really seems to have good filters in place and I’ll do some further testing on it as soon as I’ve got some time for it. I also liked, that they released it under the LGPL.

Keep up the good work guys