PHProtect is a tool to allow you to easily insert captcha’s to prevent spam and database flooding and prevent common PHP attacks.
Key functions
- Easily include captchas
- Time delay on captcha to prevent bruteforce attacks
- Automatically sanitise all GET, POST, COOKIE and REQUEST requests with just 2 lines of code
- Stop XSS attacks
- Stop SQL injections
Captcha
PHProtect allows you to include captcha in your exiting forms with just a few lines of code, allowing you to easily stop spam and prevent flooding.
If the user submits a form with a captcha in too quickly (in less than 2 seconds), this will delay loading of the script by 2 seconds. This will prevent brute force attacks, meaning it can take up to 461 days to crack a single captcha.
The captchas are easy to understand and only contain 5 letters and is not case sensitive.
The captcha is obscured by adding lines to the image and by a non-standard font for letters, making Optical Character Recognition attacks very hard.
String Sanitisation
Using just 2 lines of code you can sanitise all PHP inputs (GET, POST, COOKIE and REQUEST variables). This function can be used to sanitise SQL inputs and XSS attacks alike.
The script includes a function to allow you to sanitise individual variables also.