Mot-clé - symfony

Fil des billets

[Symfony] Coupling sfDoctrineGuardPlugin and fail2ban

Recently I created a quite sensible application using symfony 1.4. As many people, I chose sfDoctrineGuardPlugin as authentication/password recovery/account managing system. But even with this piece of software, you are still vulnerable to bruteforce attacks.

I though of hacking sfDoctrineGuardPlugin's code to create some rules and attack detections. But those systems are quite tricky to create and calibrate. It must not be too aggressive nor too permissive. I wanted something that can bail out someone after $some tries in a $certain time. That implied that I would have to record every try with the current time, and calculate a ratio within which a user can login or not. I seemed simple, then it got too complicated.

Lire la suite

Symfony, tasks and return values

In symfony, it's possible to return a value in your execute() method. Let's create a test task : ┌─(yoda@box)(09:46:59) └─(~/var/www/test)-> ./symfony generate:task test >> task Creating "/home/yoda/var/www/test.../testTask.class.php" task file Adding a return value at the end of  […]

Lire la suite

Display lastest dotclear posts in symfony

Here is a little tip to display the latest posts of your dotclear blog in your symfony website. Create a connection If your blog database is in an other database than symfony's one, you need to create a connection in the /config/databases.yml. Otherwise, skip this step Mine looks like this : [yml]  […]

Lire la suite

Haut de page