Octo Sentry Plugin for adding Extra Layers for Hardening System Security


Summary

We know Laravel and October are tough enough against bad situations, but security always matters. This plugin adds extra layers for hardening security. It is also useful for blocking abusive users, IPs, bots and more.

Details

If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. — White House Cybersecurity Advisor, Richard Clarke

Installation

If you are getting a "dependencies missing" error:

This plugin has some dependencies that must be provided. OctoberCMS handles this process itself, but if you are getting a "dependencies missing" error, run the command php artisan uxms:sentry-install on the console to install the library dependencies. The RainLab.User plugin must also be installed.

Performance Tips

If your website slows down, consider disabling the HackRepair.com's Abusive User-Agents List feature. It has 17,780 definitions and may slightly affect performance if you have many visitors or average server specs.

Do you need help with something? Please do not hesitate to contact us.

Have a suggestion for a new feature for this plugin? We are always eager to hear from you.

Encountered an error, a bug or something missing? Write to us and we will solve it for you!

TODOs: (by priority) (after v1.0.9)

  • "Force SSL" option for front-end requests
  • "Away Mode" for Backend access
  • Admin Audition for Backend users
  • 404 detection for IPv4 and IPv6 based auto-lockouts
  • Cloudflare Integration
  • Scheduled DB backups extra options (via email, locally, Amazon S3, Dropbox)
  • IPS (Intrusion Prevention System) [EXPERIMENTAL]
  • Dashboard widgets for quick view

Documentation

If you are getting a "dependencies missing" error:

This plugin has some dependencies that must be provided. OctoberCMS handles this process itself, but if you are getting a "dependencies missing" error anyway, run the command php artisan uxms:sentry-install on the console to install the library dependencies. The RainLab.User plugin must also be installed.

What should I do?

The Octo Sentry plugin runs regularly in the background once it has been configured properly. Everything is automated. If you want to know what is happening on the system, look at the plugin pages for more information.

Useful artisan commands

We provide 3 console commands which you may need:

  • php artisan uxms:sentry-clear - Clears all Sentry settings to recover from wrong blocking situations (e.g. when you have locked yourself out)
  • php artisan uxms:sentry-htaccess - Restores OctoberCMS' original .htaccess file if you have any issue with the rules
  • php artisan uxms:sentry-install - Installs composer dependencies if the vendor folder is not populated properly

Plugin Configurations

Go to the Settings > System > OctoSentry page and configure these settings as described:

  • Send E-mail Alerts to - The email address that is kept informed about actual events
  • Activations - These options switch logs, blockings and filters on and off
    • Keep Visitors Log - Activates statistic logs whenever a visitor visits the website
    • Keep Users Log - Activates statistic logs whenever a user is logged in on the website
    • Keep Admins Log - Activates statistic logs whenever an administrator is logged in on the backend
    • Disable Directory Browsing - Directory browsing should be disabled if you want to hide the directory file tree (if your server is already configured this way, you can disable this option)
    • Disable PHP Files in Storage Folder - OctoberCMS also takes care of the visibility of directories and files, but it is wiser to take precautions
    • Filter Request Methods - Activate this option if you want to filter request methods other than GET and POST
    • Filter Suspicious Queries - Filters some suspicious query strings
    • Filter Non-English Characters in QS - Some special characters may disable security or break functionality. In most cases it is suitable to allow only English characters in the query string
    • Block Browser Access to Important Files - You can disable browsing to important files (such as logs)
    • Block Drive-by-Downloads - You can block drive-by downloads by activating this option
    • XSS Attack Shield - You can block some types of XSS attacks by activating this option
    • Enable HackRepair.com's Abusive User-Agents List - You can block known abusive User-Agents from visiting your website. This list has 17,780 definitions, and if you have many visitors or average server specs, website performance may be slightly affected
    • Enable HackRepair.com's Abusive Referers List - You can block known abusive Referers from visiting your website
  • Daily Backup - If you activate daily backups, the selected tables are zipped and sent to your email address every day at 00:05
  • Filewatcher - If you activate the filewatcher, it automatically scans the selected folders for alterations every day at 00:10
  • Malware Scanner - If you activate the Malware Scanner, it automatically scans the selected folders for harmful code every day at 00:15
  • IP Blacklist - IP addresses that are blocked from accessing your website. You can also add IP ranges with mask bits in CIDR notation
  • User-Agent Blacklist - User-Agents that are blocked from accessing your website
  • Referer Blacklist - Referers that are blocked from accessing your website
  • Country Blacklist - Countries that are blocked from accessing your website
  • Recovery - If you want to use the original .htaccess file, you can restore it whenever you want
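How an IP Blacklist holding single addresses and CIDR ranges, IPv4 and IPv6, can be evaluated in PHP. This is an added example, not Octo Sentry's own code: the function names ipMatchesEntry() and isBlacklisted() are hypothetical, and the blacklist uses constructed documentation addresses.

```php
<?php
// Added example, not Octo Sentry's code. Function names are hypothetical and
// the blacklist at the bottom is constructed sample data.
function ipMatchesEntry(string $ip, string $entry): bool
{
    [$base, $bits] = array_pad(explode('/', $entry, 2), 2, null);
    $addr = @inet_pton($ip);
    $net  = @inet_pton($base);
    if ($addr === false || $net === false) {
        return false;                       // unparsable address or entry
    }
    // Treat IPv4-mapped IPv6 (::ffff:a.b.c.d) as the IPv4 address it carries.
    $mapped = str_repeat("\0", 10) . "\xff\xff";
    if (strlen($addr) === 16 && strncmp($addr, $mapped, 12) === 0) {
        $addr = substr($addr, 12);
    }
    if (strlen($addr) !== strlen($net)) {
        return false;                       // never compare IPv4 with IPv6
    }
    $maxBits = strlen($net) * 8;            // 32 for IPv4, 128 for IPv6
    if ($bits === null) {
        $bits = $maxBits;                   // bare address: exact match
    } elseif (!ctype_digit($bits) || (int) $bits > $maxBits) {
        return false;                       // malformed mask matches nothing
    }
    $bits = (int) $bits;
    // Compare the whole bytes, then the leading bits of the next byte.
    $bytes = intdiv($bits, 8);
    if (strncmp($addr, $net, $bytes) !== 0) {
        return false;
    }
    $rest = $bits % 8;
    $mask = (0xFF << (8 - $rest)) & 0xFF;
    return $rest === 0
        || (ord($addr[$bytes]) & $mask) === (ord($net[$bytes]) & $mask);
}

function isBlacklisted(string $ip, array $blacklist): bool
{
    foreach ($blacklist as $entry) {
        if (ipMatchesEntry($ip, trim($entry))) {
            return true;
        }
    }
    return false;
}

$blacklist = ['203.0.113.0/24', '198.51.100.7', '2001:db8:bad::/48'];
foreach (['203.0.113.77', '::ffff:198.51.100.7', '2001:db8:bad:1::5', '192.0.2.1'] as $ip) {
    printf("%-22s %s\n", $ip, isBlacklisted($ip, $blacklist) ? 'blocked' : 'allowed');
}
```

Behind a reverse proxy or CDN, the address passed in must be the real client address taken from a trusted proxy header, otherwise the check only ever sees the proxy.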

Specifications

Security Essentials

  • Disable Directory Browsing (Apache Only)
  • Disable PHP Files in Storage Folder (Apache Only)
  • Filter Request Methods (Apache Only)
  • Filter Suspicious Queries (Apache Only)
  • Filter Non-English Characters in QS (Apache Only)
  • IDS (Intrusion Detection System) [EXPERIMENTAL]

Blocking Features

  • HackRepair.com's Abusive User-Agents List (Apache Only)
  • HackRepair.com's Abusive Referers List (Apache Only)
  • HackRepair.com's Malicious Bot Queries List (Apache Only)
  • Custom Blacklist IP Blocking (Now supports IPv6)
  • Custom Blacklist IP Range Blocking (Now supports IPv6)
  • Custom User-Agent Blocking
  • Custom Referer Blocking
  • Custom Blacklist Country Blocking
  • Block Browser Access to Important Files (Apache Only)
  • Blocking Some Types of Drive-by-Downloads (Apache Only)
  • Blocking Some Types of XSS Attacks (Apache Only)

Automation Jobs

Crontab Installation: Setting up the scheduler

  • Modified Website Files Alteration Check
  • Manual Alteration Scanner
  • Website Malware Scanner
  • Manual Malware Scanner
  • Scheduled DB Backups to Email
  • E-mail Alerts

Additional Features

  • Detailed Visitor Logs
  • Detailed User Logs
  • Detailed Admin Logs
  • Detailed System Information
  • Detailed MaxMind GeoIP2 Lookup
  • Secure Password Generator
  • Whois Lookup Tool
