New installation

Hello.

Thak you for a very promising piece of code.
Sadly I can't get it to work. If I've understood it right, there should be no blocking while in learning mode, but immediately after writing the .htacces file all requests get blocked. The keyes in the .htaccess file are the same as in the table 'waf_settings', leraning mode is ticked, guard has no value in the database table. When installing the table 'waf_blacklist' was not written, because of the declaration DEFAULT CHARSET=utf32 which in my version of mysql is an unknown charset, I noticed this when I tried to write the table by copying the query for this table and running it through phpmyadmin. When I changed the charset to utf8 the table got writtwn. Could this have lead to some misconfiguration?

Thank you for your feedback.
First - I immediately fixed waf.sql that used in installations - its my mistake.
Second: Learn Mode control only process of learning structure of site.
But Guard Mode control blocking of unknown structure.
What happen in your Access Map? you have not approved variables or segments?

(your BlackList I think empty for now, so not important encoding sure.)

The access map is empty. The dashboard though shows:

Attacks by typeWrong Security KeyWrong Security Key

Wrong Security Key 9
Top 15 attacked scripts in last 30 days/oppet.php [3]/ [2]/favicon.ico [2]/blogg/ [1]/index.php [1

This is the text copied from the page as here is no possibility to attach images.

In the Logs view there are 9 positions of the type:
Wrong Security Key 09:05 30/11/2016 /favicon.ico 213.113.115.142 Request to Layer withour KEY

Maybe these software versions are too old?
Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/0.9.8k PHP/5.3.21
Databas klientversion: libmysql - 5.1.42
PHP-tillägg: mysql
Mysqli is on: mysqlnd 5.0.8-dev - 20102224

This software would be wonderful if it only worked, and not just blocked every access to the site!

Problem should be in .htaccess injection.
Please change rows injected before in .htaccess to new recommended row.
Keys in Settings and .htaccess - different.
You software version looks ok.

Thank you, Roman, for looking into this. But regrettably the new version did not change anything. The .htaccess file looks the same to me. I believe you are right, that it is where you should look for the problem, but I don't know .htaccess syntax enough to see what is wrong. How does the file waf.php work?

These are the readings from htaccess.php:
File exists: Yes
File writeble: Yes
Mod_Rewrite enabled: Yes
- so it should work.

Please send me screenshot of your settings and .htaccess to [email protected] or https://www.facebook.com/PHP-Web-Security-Monitor-253026111501313/,
I want look and try help you.

How its working: https://github.com/shaman33/web_app_firewall/wiki/How-its-working%3F

waf.php get redirected request and send it back with CURL.
(I use 2 security keys for protection from hacker injection .)
But in your situation its blocked - you said via logs - keys wrong.
Lets see.

Hello, I just sent the above to your gmail address. I hope you can find out what is wrong. At the moment the settings are as in the email message, but I removed the generated code from .htaccess. Somehow the key2 seems not to be found, or not inserted into the header? Could it be the order things happen?