FuseGuard Logo

FuseGuard 3.6.0 Component API Reference


IncludeBlockFilter Blocks requests that target paths that should be included (such as views, layouts, include) 
IPWhiteListFilter Only allows IP Addresses that are the List 
IDValidationFilter This filter validates that all input variables ending in ID are either integers, UUIDs, or simple string values 
XMLExternalDTDFilter Looks for XML External DTD in Requests. 
ContentLengthFilter Inspects the HTTP Content Length Header 
JVMFloatingPointFilter This filter validates that input variables do not contain a value that can crash old JVMs (1.6.0_24 or lower). 
CRLFInjectionFilter Looks for CRLF Injection in the HTTP Headers 
CrossSiteScriptingFilter Looks for XSS in the HTTP Request 
ForeignPostFilter Detects HTTP Post Requests with referrers other than the origin 
HoneyPotFilter Blocks IPs based on the Project Honey Pot http:BL Blacklist 
SessionHijackingFilter Detects if a Session Changes User Agent 
IPBlackListFilter Only allows IP Addresses that are the List 
Log4ShellFilter Looks for Log4Shell exploit patterns in the request. 
DictionaryAttackFilter Detects Repeated Requests Containing Passwords 
SQLInjectionFilter Looks for SQL Injection in the HTTP Request 
URLSessionIDFilter Looks for Session ID in the URL (eg CFID, CFTOKEN, or JSESSIONID) 
ShellExecutionFilter Looks for shell path execution patterns 
XMLEntityInjectionFilter Looks for XML Entity Tags in Request. 
LocalHostFilter Checks if request is from localhost 
ScopeInjectionFilter This filter validates that input variables names dont use scopename. 
NullByteFilter Checks if request is from localhost 
FilterUtils Utility Functions For Filters 
QueryStringLengthFilter Allows you to limit the length of query string 
RepeatOffenderFilter Detects IP's that have been blocked multiple times, and allows you to block all subsequent requests 
BaseFilter The Base Component all Filters must extend. 
FileUploadFilter Checks the File Extensions of Uploaded file and matches them against a whitelist or blacklist. 
FileUploadContentFilter Checks the File Content of Uploaded file and looks for executable content. 
RemoteMethodFilter Looks for remote method requests 
VariablePatternFilter Blocks Variables that match or do not match the specified pattern 
RemoteExecutionFilter Looks for remote execution patterns 
DotDotSlashFilter Looks for ../ in Request 
SimpleIPBlockingFilter Allows you to block IP's 
GeoFilter Allows you to block IPs by Geography.  
UserAgentFilter Looks for Bad / Malicious User Agents 


CFLogLogger Logs to the local server filesystem using the cflog tag. 
BaseLogger Base Component All Loggers Must Extend 
CFMailLogger A Logger that sends log messages via email using the cfmail tag. Please ensure that you have specified a SMTP server in the CF admin or in your Application.cfc 
BaseLogReader I am an abstract class for reading from a log 
DBLogReader I read from the log database and return results 
CFMailDigestLogger Sends log summary emails in batches at a specified interval. Please ensure that you have specified a SMTP server in the CF admin or in your Application.cfc. This logger also requires that the DBLogger is enabled, since it queries the database to fetch logs. 
DBLogger Logs to a database using the cfquery tag. 


LogOnlyConfigurator Example Configuration that only logs attacks, it does not block them. 
BaseConfigurator The Base Component that All Configurator Components Should Extend. 
StrictConfigurator Example Configuration that is more strict 
DefaultConfigurator Example Configuration that only blocks requests that have a threat level of 10. 
BaseURLBuilder Contains the default URL builder implementation, extend this component to create a new URL structure for FuseGuard Manager (eg for SES urls or Framework Specific URLs). 


firewall The FuseGuard Web Application Firewall for ColdFusion 
FuseGuardApplication Utility Component Intended to be extended by Application.cfc 


DBAuthenticator Authenticates against the fuseguard database tables fuseguard_users 
BaseAuthenticator The base authentication component (abstract) 


IPListManager API for managing IP lists 
IPListProvider An abstract IP list provider, extend this component to create your own custom IP List Provider 


CFMailDigestLoggerListener Event Listener Used by the CFMailDigestListener 
EventListener Base Component All Event Listeners Must Extend 
RepeatOffenderEventListener Event Listener Used by the RepeatOffenderFilter 

Copyright © Foundeo Inc. 2006-2024 - Version: 3.6.0 - Build Date: 2024-02-21