msp / shield
msp/shield
Advanced Intrusion Prevention System for Magento2 - Member of MageSpecialist SecuritySuite
MSP Shield
MSP Shield is the most powerful and most effective protection against malicious user in the MSP Security Suite.
It is a fully featured Intrusion Detection and Intrusion Prevention System for PHP.
MSP Shield is capable of detecting a wide number of hack attempts and protect your Magento 2 from a wide number
of potential code vulnerabilities.
You will have an high level of protection against 0-day vulnerabilities, code injections, exploit testing and other known attack patterns.
NOTE: Installing this module does not exempt you from keeping your system up to date.
Member of MSP Security Suite
See: https://github.com/magespecialist/m2-MSP_Security_Suite
Installing on Magento2:
1. Install using composer
From command line:
composer require msp/shield
php bin/magento setup:upgrade
2. Enable and configure from your Magento backend config
NOTE: Enabling this module for backend can trigger false positives, we strongly suggest to keep it enabled only for
frontend and to protect your backend with https://github.com/magespecialist/m2-MSP_AdminRestriction module .
How to test it
MSP Shield can detect a wide number of PHP attack patterns and attack attempts.
You can test it in any Magento 2 form by typing a malicious request.
For example you can try typing ; drop database magento in any form.
This will simulate a SQL injection attack. Magento is already protected against this kind of attack, but you can try it
to verify the correct configuration of MSP Shield.
If you correctly installed and configured MSP Shield, an emergency stop screen will appear.
Hack Attempt detected (with stealth mode disabled)
Hack Attempt detected (with stealth mode enabled)
Logged entries
You can browse and search logged events for blocked or non-blocked requests in System > MSP Security Suite > Events Report.
No changelog yet
The vendor hasn't published a changelog. Tagged releases appear in the Versions tab.
| Version | Stability | QA Status | Released |
|---|---|---|---|
| 2.1.0 | stable | Fail | 2017-10-28 22:33:34 |
| 2.0.6 | stable | Not tested | 2017-09-13 13:21:31 |
| 2.0.5 | stable | Not tested | 2017-09-12 14:28:13 |
| 2.0.4 | stable | Not tested | 2017-09-12 14:06:56 |
| 2.0.3 | stable | Not tested | 2017-09-11 13:39:16 |
| 2.0.2 | stable | Not tested | 2017-09-09 15:06:49 |
| 2.0.1 | stable | Not tested | 2017-09-07 16:55:56 |
| 2.0.0 | stable | Not tested | 2017-09-07 16:11:32 |
| 1.2.0 | stable | Not tested | 2017-07-31 16:07:02 |
| 1.1.2 | stable | Not tested | 2017-07-24 09:48:29 |
| 1.1.1 | stable | Not tested | 2017-07-24 09:22:12 |
| 1.1.0 | stable | Not tested | 2017-07-14 15:21:16 |
| 1.0.5 | stable | Not tested | 2017-06-25 15:13:23 |
| 1.0.4 | stable | Not tested | 2017-06-01 18:10:21 |
| 1.0.3 | stable | Not tested | 2017-06-01 16:40:02 |
| 1.0.2 | stable | Not tested | 2017-05-31 18:20:07 |
| 1.0.1 | stable | Not tested | 2017-05-31 17:42:15 |
| 1.0.0 | stable | Not tested | 2017-05-31 16:09:13 |
Requires 3
| Package | Constraint |
|---|---|
| php | ^7.0|^7.1 |
| msp/security-suite-common | ^2.0 |
| phpmyadmin/sql-parser | ^4.1 |
Suggests 1
| Package | Reason |
|---|---|
| msp/security-suite | Full MageSpecialist Security Suite |
| Tool | Status | Findings | Summary |
|---|---|---|---|
| PHPCS | Fail | 2 | 2 errors (gating threshold: error-severity=10, ruleset: Magento2) |
| PHPStan | Error | 0 | composer require failed on PHP 8.3 — Your requirements could not be resolved to an installable set of packages. Problem 1 - msp/shield[dev-main, dev-16012251470833a124538b4da4c625218eb65ea7] require php ^7.0|^7.1 -> your php version (8.3.31) does not satisfy that requirement. |
| Cpd | Pass | 0 | |
| Security | Pass | 0 |
Turn an existing module into recurring revenue.
If you already maintain a Magento 2 module on GitHub or GitLab, listing it on Packagento takes about five minutes. We mirror your tags, handle distribution signing, and route paid licenses through Stripe Connect, so you can keep shipping the way you already do.