CIDRAM: Protect Your PHP Website From Malicious Traffic
CIDRAM, short for “Classless Inter-Domain Routing Access Manager”, is a PHP script designed to protect websites by blocking requests originating from IP addresses regarded as being sources of undesirable traffic. This includes, but is not limited to, traffic from non-human access endpoints, cloud services, spambots, scrapers, etc.
CIDRAM uses a combination of techniques such as IP blocking and HTTP header analysis to identify and block threats in real-time. It works by calculating the possible CIDRs (Classless Inter-Domain Routing) of the IP addresses supplied from inbound requests and then attempting to match these possible CIDRs against its signature files. These signature files contain lists of CIDRs of IP addresses regarded as being sources of undesirable traffic.
The main goal of CIDRAM is to prevent various types of attacks, such as brute-force attempts, SQL injections, cross-site scripting, and others. By filtering out suspicious traffic, it helps to reduce the server load, improve the website’s performance, and enhance the overall security posture.
CIDRAM is fully configurable based on your needs and is an ideal solution for websites and forum systems using shared hosting services. It does not require shell access or administrative privileges. It’s open-source software and can be easily integrated into various web applications, including WordPress, Drupal, Joomla, Osclass and any other PHP script.
CIDRAM offers several benefits for enhancing the security of your web applications:
Protection against various types of attacks: CIDRAM’s main goal is to prevent various types of attacks, such as brute-force attempts, SQL injections, cross-site scripting, and others.
Reduced server load: By filtering out suspicious traffic, CIDRAM helps to reduce the server load.
Improved website performance: With less undesirable traffic, the performance of the website improves.
Enhanced security posture: Implementing CIDRAM enhances the overall security posture of your web applications.
Customization options: CIDRAM provides various customization options, allowing developers to tailor its settings to their specific needs and configurations.
Ease of use: CIDRAM is easy to customize, and easy to use.
Full logging: CIDRAM has a full and detailed logging feature. So you always know what is blocked and tune CIDRAM settings accordingly.
By implementing CIDRAM on a website, site owners can enhance their security measures and reduce the risk of cyberattacks. The tool works by analyzing incoming traffic and comparing it to a set of rules and filters, which are based on IP addresses, user agents, referrers, and other parameters.
CIDRAM has the following system requirements:
PHP+PCRE: CIDRAM works for any system with PHP and PCRE (Perl Compatible Regular Expressions) installed, regardless of the operating system.
No shell access required: CIDRAM does not require shell access.
No administrative privileges required: CIDRAM does not require administrative privileges.
It’s easy to install, easy to customize, and easy to use. It’s fully configurable based on your needs and is an ideal solution for websites and forum systems using shared hosting services.
CIDRAM can be installed using three methods:
Installation with Composer: CIDRAM is registered with Packagist, so you can use Composer to install CIDRAM. Here’s the command you need to run:
composer require cidram/cidram
Installation for WordPress: CIDRAM is registered as a plugin with the WordPress plugins database, and you can install CIDRAM directly from the plugins dashboard.
Manual Installation for ANY script (WordPress included). Detailed instructions from the developer are here:
https://github.com/CIDRAM/Docs/blob/master/readme.en.md
We recommend that CIDRAM should be installed manually (even for WordPress, instead of the CIDRAM plugin), since in that way it can be used by ANY PHP script. The WordPress CIDRAM plugin is just an interface and you need to manually set all the options. Also if you are using WordPress, read about some limitations of CIDRAM as a WP plugin:
Warning: Updating CIDRAM via the WordPress plugins dashboard results in a clean installation! If you’ve customised your installation (changed your configuration, installed modules, etc), these customisations will be lost when updating via the plugins dashboard! Logfiles will also be lost when updating via the plugins dashboard! To preserve logfiles and customisations, update via the CIDRAM front-end updates page.
In the near future, we will try to make a blog post on how to manually install CIDRAM script, along with instructions on how to easily integrate it with free Ninja Firewall Pro and NinjaFirewall WP free edition plugin.
After installing CIDRAM, you need to configure it to protect your website. The configuration process will depend on your specific needs and the nature of your website. You can refer to the official documentation on GitHub for more detailed instructions.
CIDRAM provides several optional modules to extend its functionality.
Here are a few:
AbuseIPDB API Module: This module blocks abusive IP addresses using the AbuseIPDB API. When the module is installed and activated, user IP addresses may be shared with the service in accordance with the configuration and the intended purpose of the module.
BGPView API Module: This module performs ASN and country code lookups using the BGPView API. These lookups provide the ability to block or whitelist requests on the basis of their ASN or country of origin.
IP-API API Module: This module performs ASN and country code lookups using the IP-API. These lookups provide the ability to block or whitelist requests on the basis of their ASN or country of origin.
Chart.js Module: This module is used for creating interactive charts for visualizing data.
Optional security extras Module: Provides some limited protections against various attack vectors commonly used in requests.
Bot or browser user agents Module: Optional module which detects unwanted bots, old browsers, and performs some sanity checks. Contains some data from the WordPress plugin “Stop Bad Bots” by William “Bill” Minozzi.
Project Honeypot Module: Blocks requests from IPs listed at Project Honeypot.
Stop Forum Spam Module: Protects registration and login pages against IPs listed by SFS.
Tor blocker module: Prohibits access from Tor exit nodes through DNSEL lookups (supports both IPv4 and IPv6).
Please note that these are just a few examples, and there may be other modules available as well. The choice of which modules to use would depend on your specific needs and requirements.
CIDRAM is an open-source project hosted on GitHub and developed by Caleb Mazalevskis. The development of the project started in 2016.
CIDRAM has received positive feedback from online reviewers and its users. On the WordPress plugin page, it has an average rating of 5 out of 5 stars. Users have praised it for its effectiveness in protecting websites from malicious traffic.
Good script but extremely poor documentation.
Well this script is not for newbies. But it is very powerful and extremely stable.