prevoty-rails

prevoty-rails is a plugin that automatically integrates Prevoty's content filtering and SQL analysis engine into a Rails application. The content filter is distributed as a Rack middleware that can be added to the request chain; SQL analysis hooks into the ActiveSupport notification system to inspect SQL queries before they are sent to the database.

Installation

Add this line to your application's Gemfile:

gem 'prevoty-rails'

And then execute:

$ bundle

Or install it yourself as:

$ gem install prevoty-rails

Content Filter

Add the following line to your config/application.rb file to use the Prevoty content filter in all environments, or add it to the configuration of the specific environment (e.g. test or production) in which you want to use it.

config.middleware.use Rack::Prevoty::ContentMiddleware, {api_key: '', configuration_key: ''}

SQL Analysis

First, use the generator to install the initializer needed for SQL analysis.

rails generate prevoty:rails:install

This will create a new file at config/initializers/prevoty_rails.rb. Fill in the configuration key of the query configuration created in the Prevoty console, and the API key to use with it.

Configuration

Common

  • api_key: Prevoty v1 API key (shown at the bottom of the API Keys page in Prevoty Manager Console)
  • api_base: Base API URL (default: 'https://api.prevoty.com')
  • api_timeout_milliseconds: Timeout for API requests, in milliseconds (default: 1000)

Content Filter

  • mode: ['monitor' | 'protect'] Content mode (default: monitor)
  • paths: Array of URIs that the content filter should be applied to. Entries MAY be partial URIs but MUST match from the beginning of the URI, i.e. they are prefix matches (default: [])
  • blacklist: Array of URIs within paths that the content filter should ignore. Entries MAY be partial URIs but MUST match from the beginning of the URI (default: [])
  • minimal_logging: [true | false] Log minimal events (default: false)
  • destination: ['log' | 'callback' | 'none'] Logging destination (default: log)
  • callback: Proc object to call when log_destination is set to callback
  • configuration_key: Configuration Policy Key for content filtering (from the Security Policies page in Prevoty Manager Console, not to be confused with the keys from the Plugin Configurations page)
  • reporting_milliseconds: Interval, in milliseconds, at which queued data is sent for monitoring analysis when the mode is set to monitor and the queue has not yet filled (default: 10000)
  • reporting_count: Maximum queue size for data to be sent for monitoring analysis (default: 50)
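The paths and blacklist options above are both prefix matches anchored at the start of the request URI, and mode decides whether a flagged request is merely recorded or rejected. The following is an added illustration of those rules, not prevoty-rails's own code: the middleware class, the 400 response in protect mode and the inspection stub (which simply flags parameter values containing angle brackets in place of the remote Prevoty analysis) are all assumptions made for the example.

```ruby
require 'uri'

# Returns true when the content filter should run for +path+:
# the path must start with one of +paths+ and must not start with
# any entry of +blacklist+ (both are prefix matches, as documented).
def filter_applies?(path, paths: [], blacklist: [])
  return false unless paths.any? { |p| path.start_with?(p) }
  blacklist.none? { |b| path.start_with?(b) }
end

# Minimal Rack-style middleware built on the same rules. A Rack app or
# middleware only needs a #call(env) returning [status, headers, body],
# so this runs without the rack gem. Hypothetical class, not the gem's.
class ExampleContentMiddleware
  attr_reader :events

  def initialize(app, options = {})
    @app       = app
    @mode      = options.fetch(:mode, 'monitor')
    @paths     = options.fetch(:paths, [])
    @blacklist = options.fetch(:blacklist, [])
    @events    = []   # stands in for the monitoring queue
  end

  def call(env)
    path = env['PATH_INFO'].to_s
    return @app.call(env) unless filter_applies?(path, paths: @paths, blacklist: @blacklist)

    flagged = inspect_params(env['QUERY_STRING'].to_s)
    @events << { path: path, params: flagged } unless flagged.empty?

    if @mode == 'protect' && !flagged.empty?
      # Assumed behaviour for the example: reject the request outright.
      [400, { 'Content-Type' => 'text/plain' }, ['rejected by content filter']]
    else
      @app.call(env)   # monitor mode: record the event and let the request through
    end
  end

  private

  # Stand-in for the remote analysis: return the names of parameters
  # whose decoded value contains '<' or '>'. The real policy is applied
  # by the Prevoty API according to configuration_key.
  def inspect_params(query_string)
    URI.decode_www_form(query_string)
       .select { |_name, value| value.include?('<') || value.include?('>') }
       .map(&:first)
  end
end
```

Because the match is anchored at the beginning of the URI, paths: ['/comments'] covers /comments/new as well, and a blacklist entry of '/comments/preview' carves that sub-tree back out; a blacklist entry that is not itself under one of the paths has no effect.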

SQL Analysis

  • mode: ['monitor' | 'protect'] Query analysis mode (default: monitor)
  • minimal_logging: [true | false] Log minimal events (default: false)
  • log_destination: ['log' | 'callback' | 'none'] Logging destination (default: log)
  • configuration_key: Configuration key for SQL analysis (from the Security Policies page in Prevoty Manager Console, not to be confused with the keys from the Plugin Configurations page)
  • reporting_milliseconds: Interval, in milliseconds, at which queued data is sent for monitoring analysis when the query_mode is set to monitor and the queue has not yet filled (default: 10000)
  • reporting_count: Maximum queue size for data to be sent for monitoring analysis (default: 50)
  • db_vendor: ['mysql' | 'mssql' | 'oracle'] The database vendor the application is using for monitoring
  • db_version: The version of the database being used for monitoring
  • db_name: The default database to use for monitoring
  • violation_mode: ['block' | 'continue'] Determines whether to stop the request or let it continue when a violation is found while SQL analysis is in 'protect' mode (default: 'continue')
  • failure_mode: ['block' | 'continue'] Determines whether to stop the request or let it continue when the analysis itself fails (e.g. an API error) while SQL analysis is in 'protect' mode (default: 'continue')
  • callback: Proc object to call when log_destination is set to callback
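Two things in the SQL analysis options are easy to get wrong when sizing a deployment: how reporting_count and reporting_milliseconds together bound the monitoring queue, and the fact that violation_mode and failure_mode only take effect in 'protect' mode (in 'monitor' mode nothing is ever blocked, including when the analysis API errors out). The following added example, written for this README and not taken from prevoty-rails, models both. The ReportingQueue and request_action names are hypothetical, the clock is injected so the behaviour is deterministic, and the time-based flush is checked on each push rather than by a background timer as a real plugin would do.

```ruby
# Queue that releases a batch when either the count bound or the
# time bound is reached. Timestamps are monotonic milliseconds.
class ReportingQueue
  def initialize(reporting_count: 50, reporting_milliseconds: 10_000, now_ms:)
    @reporting_count = reporting_count
    @reporting_ms    = reporting_milliseconds
    @items           = []
    @last_flush_ms   = now_ms
  end

  # Add an item. Returns the batch to send when the queue is full or the
  # reporting interval has elapsed since the last flush, otherwise nil.
  def push(item, now_ms:)
    @items << item
    if @items.size >= @reporting_count || now_ms - @last_flush_ms >= @reporting_ms
      flush(now_ms)
    end
  end

  def size
    @items.size
  end

  private

  def flush(now_ms)
    batch          = @items
    @items         = []
    @last_flush_ms = now_ms
    batch
  end
end

# What happens to the request after one query has been analysed.
# +result+ is :clean, :violation, or :error (the API call failed or timed out).
# Returns :continue or :block.
def request_action(mode:, result:, violation_mode: 'continue', failure_mode: 'continue')
  return :continue unless mode == 'protect'   # monitor mode never blocks

  case result
  when :violation then violation_mode == 'block' ? :block : :continue
  when :error     then failure_mode == 'block' ? :block : :continue
  else                 :continue
  end
end
```

With the defaults (violation_mode and failure_mode both 'continue'), switching mode to 'protect' on its own changes nothing about request handling; blocking only starts once violation_mode is set to 'block', and failure_mode decides whether an unreachable analysis API fails open or closed.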