PHP Compatibility Requirements
ASM capabilities support
The following ASM capabilities are supported in the PHP library, for the specified tracer version:
| ASM capability | Minimum PHP tracer version |
|---|
| Threat Detection | 0.84.0 |
| Threat Protection | 0.86.0 |
| Customize response to blocked requests | 0.86.0 |
| Vulnerability Management for Open Source Software (OSS) | 0.90.0 |
| Vulnerability Management for Code-level (beta) | not supported |
| Automatic user activity event tracking | 0.89.0 |
The minimum tracer version to get all supported ASM capabilities for PHP is 0.86.0.
Supported deployment types
| Type | Threat Detection support | Vulnerability Management for OSS support |
|---|
| Docker | | |
| Kubernetes | | |
| Amazon ECS | | |
| AWS Fargate | | |
| AWS Lambda | | |
Language and framework compatibility
| PHP Version | Support level | Package version |
|---|
| 8.2.x | General Availability | > 0.82.0+ |
| 8.1.x | General Availability | > 0.66.0+ |
| 8.0.x | General Availability | > 0.52.0+ |
| 7.4.x | General Availability | All |
| 7.3.x | General Availability | All |
| 7.2.x | General Availability | All |
| 7.1.x | General Availability | All |
| 7.0.x | General Availability | All |
PHP ASM supports the following SAPI’s:
| SAPI | Support type |
|---|
| apache2handler | Fully Supported |
| cli | Fully Supported |
| fpm-fcgi | Fully Supported |
| cgi-fcgi | Fully Supported |
Supported processor architectures
PHP ASM supports the following architectures:
| Processor architectures | Support level | Package version |
|---|
Linux GNU amd64 (x86-64-linux-gnu) | GA | All |
Linux MUSL amd64 (x86-64-linux-musl) | GA | All |
The Datadog PHP library supports PHP version 7.0 and above on the following architectures:
- Linux (GNU) x86-64
- Alpine Linux (musl) x86-64
The library supports the use of all PHP frameworks, and also the use of no framework.
Web framework compatibility
- Attacker source HTTP request details
- Tags for the HTTP request (status code, method, etc)
- Distributed Tracing to see attack flows through your applications
ASM Capability Notes
- Vulnerability Management for OSS is not supported
- Vulnerability Management for Code-level is not supported
The following frameworks aren’t directly instrumented by ASM, but indirectly supported through runtime instrumentation.
| Framework | Versions | Threat Detection supported? | Threat Protection supported? |
|---|
| CakePHP | 2.x | | |
| CodeIgniter | 2.x | | |
| FuelPHP | 1.1 | | |
| Laravel | 4.2, 5.x, 6.x | | |
| Laravel 8 | 8.x (tracer 0.52.0+) | | |
| Lumen | 1.9-2.29 | | |
| Magento | 3.8+ | | |
| Neos Flow | 3.0.x | | |
| Phalcon | 3.1+ | | |
| Slim | 3.1+ | | |
| Symfony 3 | 3.1+ | | |
| Symfony 4 | 3.1+ | | |
| Symfony 5 | 3.1+ | | |
| Wordpress | 3.1+ | | |
| Yii | 3.1+ | | |
| Zend | 3.1+ | | |
| Symfony 3 | 3.1+ | | |
Data store compatibility
Datastore tracing provides:
- SQL attack detection
- query info (for example, a sanitized query string)
- error and stacktrace capturing
ASM Capability Notes
- Vulnerability Management for OSS is not supported
- Vulnerability Management for Code-level is not supported
- Threat Protection also works at the HTTP request (input) layer, and so works for all databases by default, even those not listed in the table below.
| Framework | Versions | Threat Detection supported? | Threat Protection supported? |
|---|
| Amazon RDS | Any supported PHP | | |
| Eloquent | Laravel supported versions | | |
| Memcached | Any supported PHP | | |
| MySQLi | Any supported PHP | | |
| PDO | Any supported PHP | | |
| PHPRedis | 3, 4, 5 | | |
| Predis | 1.1 | | |
User Authentication Frameworks compatibility
Integrations to User Authentication Frameworks provide:
- User login events, including the user IDs
- Account Takeover detection monitoring for user login events
| Framework | Minimum Framework Version |
|---|
| Laravel | 4.2 |
| Symfony | 3.3 |
| Wordpress | 4.8 |
