#26811 WAF in Admin Tools Professional as a single solution for my webshop?

Posted in ‘Admin Tools for Joomla! 4 & 5’

Latest post on Saturday, 28 January 2017 17:17 CST

Stroetmann
Hello, I am looking for your WAF in Admin Tools Professional as a single solution for my webshop.
Is it possible to use your WAF outside of Joomla?
I am particularly interested in the Secret Administration URL parameters. Of course the other very useful things are also welcome.
I look forward to your answer.

Thank you.

nicholas
Akeeba Staff
Manager
Admin Tools is a component which only works with Joomla. It integrates in the Joomla application workflow and relies on its knowledge of how Joomla works to protect you. You can't use it as a generic web application firewall in front of another PHP application.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷 Greek: native 🇬🇧 English: excellent 🇫🇷 French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Stroetmann
Ok. But wouldn't that be a great thing? Just like Backup PHP Solo.

nicholas
Akeeba Staff
Manager
Unfortunately it's not that easy. Akeeba Solo is versatile because it can run next to and separately from the site it is backing up. It's standalone. A web application firewall, however, is by definition something that runs with your site. The only way to do that is having a deep integration with the system.

For example, CSRFShield can only run if you hook into the post-rendering step of the application, manipulating the output. You can't do that in WordPress, for example, since it doesn't have a post-rendering step to begin with (it simply echoes stuff to the page as it goes, a terrible idea for performance and security). Blocking user accounts needs, of course, integration with the software powering the site since each one (and each major version of it) has a different way to do that. Even displaying the block message page requires deep integration: in Joomla we are abusing the internal component router so that it loads a special view of our component, one which (by means of other esoteric Joomla black magic) is not available directly from the web (if you try, it makes Joomla believe that the component is not installed).

To put this into perspective, a web application firewall is very much like bulletproofing a car. Sure you can do some bulletproofing on any car with generic means, e.g. bullet resistant glass panes. However, if you want a car that can withstand a real world attack you need to have both a car that can take the extra weight of bulletproofing and have room for all the armor you're going to add and a lot of experience on that car manufacturer and model to make sure that you don't leave any vulnerable points.

I know that we could publish a very, very basic, generic "firewall". However, I wouldn't be able to recommend this in good conscience to my clients. Between us publishing the digital equivalent of snake oil and simply not publishing anything at all I prefer that we did the latter.

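To make the post-rendering point concrete, here is an added PHP illustration of the mechanism Nicholas describes. It is not Admin Tools or CSRFShield code, and the mini-application, its form markup, the `csrf_token` field name and the function names are all assumed for the example. A filter registered with `ob_start()` runs only after the whole page body exists, so it can rewrite every POST form to carry a per-session token, and the same token is verified before any state-changing request is handled. An application that echoes output as it goes, with no final rendering stage to hook, gives a firewall no such place to stand, which is the limitation described above.

```php
<?php
// Added illustration (not Akeeba's code): a CSRF shield implemented as a
// post-rendering output filter on a hypothetical mini-application.
declare(strict_types=1);

session_start();

/** Return the session's CSRF token, creating it on first use. */
function csrfToken(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/**
 * Post-rendering filter: inject a hidden token field into every <form method="post">.
 * It needs the finished HTML, so it can only run at a stage that exists after
 * the application has generated the complete page.
 */
function injectCsrfTokens(string $html): string
{
    $field = '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrfToken(), ENT_QUOTES, 'UTF-8') . '">';

    // Match opening <form ...> tags whose method is POST (any case) and append the field.
    // GET forms are left untouched: they must not change server state anyway.
    return preg_replace_callback(
        '/<form\b[^>]*\bmethod\s*=\s*["\']?post["\']?[^>]*>/i',
        static fn(array $m): string => $m[0] . $field,
        $html
    );
}

/** Compare the submitted token with the session token in constant time. */
function verifyCsrfToken(array $post): bool
{
    $submitted = $post['csrf_token'] ?? '';
    return is_string($submitted) && hash_equals(csrfToken(), $submitted);
}

// --- Request handling for the hypothetical application ---

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!verifyCsrfToken($_POST)) {
        http_response_code(403);
        exit('Request blocked: missing or invalid CSRF token.');
    }
    // ... the state-changing action (e.g. placing the order) would run here ...
}

// Register the post-rendering filter, then render as usual. The filter runs when the
// output buffer is flushed at the end of the script, after the page is fully generated.
ob_start('injectCsrfTokens');

echo '<!doctype html><html><body>';
echo '<form method="post" action="/checkout"><button>Place order</button></form>';
echo '<form method="get" action="/search"><input name="q"></form>';  // left untouched
echo '</body></html>';
```

The regex rewrite is deliberately simple; a production filter would parse the document rather than pattern-match tags, and would also have to cope with forms produced by JavaScript after the page is served, which is one more reason such a shield has to understand the specific application it protects.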
