Updating PHPIDS with the latest version

[Nick Smart]

Does anyone know if I can I upload the files from the latest PHPIDS release (version 0.5.2) over the IDS directory in the modules directory (version 0.4.6?). There are a few extra files and directories in the latest release that aren't in the module, e.g:

IDS/Caching/*.*
IDS/Log/Database.php
IDS/vendors/htmlpurifier/*.*

Thanks,

Nick

[viebig]

backup and try!

[Nick Smart]

Hi viebig,

Well, that's the approach I would take with most things but as PHPIDS doesn't give much indication whether it is, or isn't, working, I'm not sure I'd know if I'd broken it or not. If I don't get a definitive answer I'll certainly give that a go.

Thanks for your response.

Nick

[viebig]

can you duplicate the site and test it?

[chrisl]

Yes, I apologize to the CMSMS community. I have been dilatory in not making sure that the PHPIDS module upgrades were up to date.

I will try to update this module, when I have time - within the next two weeks,I hope.

For your information, the PHPIDS people have thrown in HTMLPurifier in their latest upgrade, which to me represents something of a whammy, while it cleverly (incidentally it is very good stand-alone security software) checks the input from WYSIWYG editors such as FCK, XStandard and others I can't remember. The CMSMS PHPIDS module only checks the front end for intrusions.

It may be time for a change!

[Nick Smart]

Thanks for the update. I was reluctant to simply drop in the latest version because of all the new files and directories and because it's difficult to know if the module is actually working, although I have had PHPIDS block one 'attack' - hopefully not a false-positive!

I'll wait for your new release this time.

Thanks.

Nick