detrusion

Detrusion automatically detects XSS and JavaScript Injection attempts and blocks the attacker's IP address. It works together with the management interface on detrusion.com

Installation

1) Install the gem:

gem install detrusion

Rails 3: include detrusion in your Gemfile

gem 'detrusion'

Rails 2: include the gem in config/environment.rb

config.gem "detrusion"

2) Include the detrusion module in your application controller (app/controllers/application_controller.rb) and insert the before_filter:

include Detrusion
before_filter :detrusion_check

3) Go to detrusion.com and create an account. You'll manage your black-/ whitelists and firewall settings there.

4) Paste the configuration as explained in config/environments/production.rb:

DETRUSION_CONFIG = {
  :user => 'your-username',
  :api => 'your-secret-api-key'
}

That's it. Your application will detect XSS and SQL Injection attempts and block the attacker's IP.

© 2011 netsense llc