Node/VM/EC2

Install and attach K2's PHP Language Agent with your PHP application hosted on Node/VM/EC2 for Runtime Self Application Protection.

Prerequisites

We assume here you are able to successfully install our K2 agents in your infrastructure.

Docker

Steps to protect PHP Web Application (Supported servers: Apache Server)

• For PHP web applications, make sure you have the supported PHP versions: 5.4 and above.

• The PHP language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,

  • In /opt/k2-ic if the installation of agent is done via a privileged user(Eg. root).

  • In ${HOME}/k2-ic if the installation of agent is done via an unprivileged user.

    • ${HOME} points to the home directory of the linux user used to run the agent on the host.

  • In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of agent.

• For any containerized PHP web application (Docker/K8s), the host path LANGUAGE_COLLECTORS_HOME is to be mounted at "/opt/k2-ic" inside the container with option 'z'.

• The PHP agent can be attached to your application by running the installation script inside the application container:

  sudo bash /opt/k2-ic/k2-php-agent/k2_php_agent_install_script.sh --allow-server-restart=TRUE   

  Note:

  • The --allow-server-restart=TRUE flag will automatically restart the server, if you wish to restart the server manually set it to FALSE.

• To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerised application) can also be used to locate the protected application.

• You can check your application in Protected processes View under applications on K2 Portal.

  Alternatively go to Applications | K2 Portal

Non Docker

Steps to protect PHP Web Application (Supported servers: Apache Server)

• For PHP web applications, make sure you have the supported PHP versions: 5.4 and above.

• The PHP language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,

  • In /opt/k2-ic if the installation of agent is done via a privileged user(Eg. root).

  • In ${HOME}/k2-ic if the installation of agent is done via an unprivileged user.

    • ${HOME} points to the home directory of the linux user used to run the agent on the host.

  • In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of agent.

• The PHP agent can be attached to your application by running the installation script inside the application container:

  Note:

  • The --allow-server-restart=TRUE flag will automatically restart the server, if you wish to restart the server manually set it to FALSE.

  sudo bash [LANGUAGE_COLLECTORS_HOME]/k2-php-agent/k2_php_agent_install_script.sh --allow-server-restart=TRUE      

• To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerised application) can also be used to locate the protected application.

• You can check your application in Protected processes View under applications on K2 Portal.

  Alternatively go to Applications | K2 Portal