Metadata-Version: 2.0
Name: shadowd
Version: 1.1.0
Summary: Python connector for the Shadow Daemon web application firewall
Home-page: http://github.com/zecure/shadowd_python
Author: Hendrik Buchwald
Author-email: hb@zecure.org
License: GPLv2
Keywords: waf security shadowd
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: System Administrators
Classifier: Environment :: Web Environment
Classifier: License :: OSI Approved :: GNU General Public License v2 (GPLv2)
Classifier: Programming Language :: Python :: 2
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: System :: Networking :: Firewalls

**Shadow Daemon** is a collection of tools to **detect**, **protocol** and **prevent** **attacks** on *web applications*. Technically speaking, Shadow Daemon is a **web application firewall** that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.

This component can be used to connect Python applications with the `background server <https://github.com/zecure/shadowd>`_.

Documentation
=============
For the full documentation please refer to `shadowd.zecure.org <https://shadowd.zecure.org/>`_.

Installation
============
You can install the package with easy_install or pip:

::

   easy_install shadowd
   pip install shadowd

It is also possible to clone this repository and install the package manually:

::

    python setup.py install

You also have to create a configuration file. You can copy *misc/examples/connectors.ini* to */etc/shadowd/connectors.ini*. The example configuration is annotated and should be self-explanatory.

CGI
---
To protect CGI applications you simply have to load the module:

::

    import shadowd.cgi_connector

Django
------
Django applications require a small modification. It is necessary to create a hook to intercept requests. To do this create the file *middleware/shadowdconnector.py* in the application directory:

::

    from shadowd.django_connector import InputDjango, OutputDjango, Connector

    class ShadowdConnectorMiddleware(object):
        def process_request(self, request):
            input = InputDjango(request)
            output = OutputDjango()

            status = Connector().start(input, output)
            if not status == True:
                return status

There also has to be an empty *__init__.py* file in the middleware directory. Next you have to register the middleware in the *settings.py* file of your application:

::

    MIDDLEWARE_CLASSES = (
        'middleware.shadowdconnector.ShadowdConnectorMiddleware',
        # ...
    )

The connector should be at the beginning of the *MIDDLEWARE_CLASSES* list.




