PHPackages                             msp/shield - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. msp/shield

ActiveMagento2-module[Security](/categories/security)

msp/shield
==========

Advanced Intrusion Prevention System for Magento2 - Member of MageSpecialist SecuritySuite

2.1.0(8y ago)2037.2k3[4 issues](https://github.com/magespecialist/m2-MSP_Shield/issues)1OSL 3.0PHPPHP ^7.0|^7.1

Since May 31Pushed 3y ago4 watchersCompare

[ Source](https://github.com/magespecialist/m2-MSP_Shield)[ Packagist](https://packagist.org/packages/msp/shield)[ RSS](/packages/msp-shield/feed)WikiDiscussions master Synced 3d ago

READMEChangelog (10)Dependencies (2)Versions (21)Used By (1)

MSP Shield
==========

[](#msp-shield)

MSP Shield is the **most powerful and most effective protection** against malicious user in the MSP Security Suite.
It is a fully featured **Intrusion Detection** and **Intrusion Prevention** System for PHP.

MSP Shield is capable of detecting a wide number of **hack attempts** and protect your Magento 2 from a wide number of potential **code vulnerabilities**.

You will have an high level of protection against 0-day vulnerabilities, code injections, exploit testing and other known attack patterns.

**NOTE:** Installing this module does not exempt you from keeping your system **up to date**.

> Member of **MSP Security Suite**
>
> See: [https://github.com/magespecialist/m2-MSP\_Security\_Suite](https://github.com/magespecialist/m2-MSP_Security_Suite)

Installing on Magento2:
-----------------------

[](#installing-on-magento2)

**1. Install using composer**

From command line:

```
composer require msp/shield
php bin/magento setup:upgrade

```

**2. Enable and configure from your Magento backend config**

[![](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/config.png)](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/config.png)

NOTE: Enabling this module for backend can trigger false positives, we strongly suggest to keep it enabled only for frontend and to protect your backend with [https://github.com/magespecialist/m2-MSP\_AdminRestriction](https://github.com/magespecialist/m2-MSP_AdminRestriction) module .

How to test it
--------------

[](#how-to-test-it)

MSP Shield can detect a wide number of PHP attack patterns and attack attempts.
You can test it in any Magento 2 form by typing a malicious request.

For example you can try typing `; drop database magento` in any form.

This will simulate a **SQL injection attack**. Magento is already protected against this kind of attack, but you can try it to verify the correct configuration of MSP Shield.

[![](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/injection_attempt.png)](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/injection_attempt.png)

If you correctly installed and configured MSP Shield, an emergency stop screen will appear.

Hack Attempt detected (with stealth mode disabled)
--------------------------------------------------

[](#hack-attempt-detected-with-stealth-mode-disabled)

[![](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/detected.png)](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/detected.png)

Hack Attempt detected (with stealth mode enabled)
-------------------------------------------------

[](#hack-attempt-detected-with-stealth-mode-enabled)

[![](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/detected_stealth.png)](https://raw.githubusercontent.com/magespecialist/m2-MSP_Shield/master/screenshots/detected_stealth.png)

Logged entries
--------------

[](#logged-entries)

You can browse and search logged events for blocked or non-blocked requests in **System &gt; MSP Security Suite &gt; Events Report**.

###  Health Score

36

—

LowBetter than 79% of packages

Maintenance16

Infrequent updates — may be unmaintained

Popularity31

Limited adoption so far

Community16

Small or concentrated contributor base

Maturity67

Established project with proven stability

 Bus Factor1

Top contributor holds 94.4% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~9 days

Total

18

Last Release

3167d ago

Major Versions

1.2.0 → 2.0.02017-09-07

PHP version history (2 changes)1.0.0PHP ~7.0.0

2.0.0PHP ^7.0|^7.1

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/3977029?v=4)[MageSpecialist](/maintainers/magespecialist)[@magespecialist](https://github.com/magespecialist)

---

Top Contributors

[![phoenix128](https://avatars.githubusercontent.com/u/10189093?v=4)](https://github.com/phoenix128 "phoenix128 (34 commits)")[![giacmir](https://avatars.githubusercontent.com/u/447940?v=4)](https://github.com/giacmir "giacmir (1 commits)")[![slackerzz](https://avatars.githubusercontent.com/u/3061752?v=4)](https://github.com/slackerzz "slackerzz (1 commits)")

### Embed Badge

![Health badge](/badges/msp-shield/health.svg)

```
[![Health](https://phpackages.com/badges/msp-shield/health.svg)](https://phpackages.com/packages/msp-shield)
```

###  Alternatives

[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k18.0M138](/packages/mews-purifier)[ahmed-bhs/doctrine-doctor

Runtime analysis tool for Doctrine ORM integrated into Symfony Web Profiler. Unlike static linters, it analyzes actual query execution at runtime to detect performance bottlenecks, security vulnerabilities, and best practice violations during development with real execution context and data.

939.0k](/packages/ahmed-bhs-doctrine-doctor)[paragonie/ecc

PHP Elliptic Curve Cryptography library

25772.0k36](/packages/paragonie-ecc)[calebdw/larastan

Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel

15118.7k4](/packages/calebdw-larastan)[msp/nospam

Comment Spammers, Harvesters and Suspicious users access prevention for Magento2 - Member of MageSpecialist SecuritySuite

1447.1k1](/packages/msp-nospam)[msp/antivirus

ClamAV Magento2 integration for active requests scan - Member of MageSpecialist SecuritySuite

1320.0k1](/packages/msp-antivirus)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
