The SonataExtraBundle provides an enhanced set of functionalities for managing firewall rules within the Sonata Admin environment. This bundle allows administrators to create and manage rules for filtering requests based on various criteria like stop words, IP addresses, and User Agents.

Features

  • Firewall Rule Management: Define and manage firewall rules to filter incoming requests.
  • Support for Multiple Criteria: Filter requests based on stop words, IP addresses, and User Agents.
  • Dynamic Rule Application: Apply rules based on request parameters (GET, POST, Headers).
  • Cache Integration: Rules are cached for improved performance with the option to reset the cache on updates.
  • Recursive Data Analysis: Handle complex data structures in request parameters.

Activation Add the firewall listener into your services.yaml

    sonata-extra.Firewall_Listener:
        class: Partitech\SonataExtra\EventListener\FirewallListener
        tags:
            - { name: kernel.event_listener, event: kernel.request, method: onKernelRequest }

Add admin interfaces in your sonata_admin.yaml

            firewall:
                icon: fa fa-cogs
                label: Firewall
                items:
                    - Partitech\SonataExtra\Admin\SecFirewallRuleAdmin
                    - Partitech\SonataExtra\Admin\SecStopWordAdmin
                    - Partitech\SonataExtra\Admin\SecIpRuleAdmin

Creating Firewall Rules

Firewall rules can be created and managed through the Sonata Admin dashboard. The following rule types are supported:

  • Stop Word: Block requests containing specified keywords.
  • IP: Block requests from specified IP addresses.
  • User Agent: Block requests from specified User Agents.

Configuring Rules

Each rule consists of the following components:

  • type: The type of rule (e.g., 'stop_word', 'ip', 'user_agent').
  • source: The source of the data to analyze (e.g., 'GET', 'POST', 'HEADER').
  • parameters: List of values to check against the rule.
  • matchMode: Determines if the rule should look for an exact match ('equal') or a partial match ('contain').

Cache Management

The bundle utilizes caching to enhance performance. The cache is automatically reset whenever a rule is updated, created, or deleted.