{"id":13540130,"url":"https://github.com/akaunting/laravel-firewall","last_synced_at":"2025-04-29T14:36:38.668Z","repository":{"id":38827108,"uuid":"197242392","full_name":"akaunting/laravel-firewall","owner":"akaunting","description":"Web Application Firewall (WAF) package for Laravel","archived":false,"fork":false,"pushed_at":"2025-04-09T21:46:41.000Z","size":109,"stargazers_count":964,"open_issues_count":11,"forks_count":113,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-04-20T16:54:21.972Z","etag":null,"topics":["akaunting","blacklist","firewall","laravel","php","security","waf","whitelist"],"latest_commit_sha":null,"homepage":"https://akaunting.com","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/akaunting.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-07-16T17:53:52.000Z","updated_at":"2025-04-09T21:44:15.000Z","dependencies_parsed_at":"2023-01-31T08:46:23.853Z","dependency_job_id":"5b4cddac-2d03-4920-ac8d-4d08662c1850","html_url":"https://github.com/akaunting/laravel-firewall","commit_stats":{"total_commits":124,"total_committers":11,"mean_commits":"11.272727272727273","dds":"0.19354838709677424","last_synced_commit":"b01b55b4e74510b084be5c37feb0fbc442a4484e"},"previous_names":["akaunting/firewall"],"tags_count":41,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akaunting%2Flaravel-firewall","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akaunting%2Flaravel-firewall/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akaunting%2Flaravel-firewall/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akaunting%2Flaravel-firewall/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/akaunting","download_url":"https://codeload.github.com/akaunting/laravel-firewall/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251519943,"owners_count":21602415,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["akaunting","blacklist","firewall","laravel","php","security","waf","whitelist"],"created_at":"2024-08-01T09:01:41.060Z","updated_at":"2025-04-29T14:36:38.625Z","avatar_url":"https://github.com/akaunting.png","language":"PHP","funding_links":[],"categories":["\u003ca id=\"0abd611fc3e9a4d9744865ca6e47a6b2\"\u003e\u003c/a\u003e工具","\u003ca id=\"946d766c6a0fb23b480ff59d4029ec71\"\u003e\u003c/a\u003e防护\u0026\u0026Defense","PHP"],"sub_categories":["\u003ca id=\"784ea32a3f4edde1cd424b58b17e7269\"\u003e\u003c/a\u003eWAF"],"readme":"# Web Application Firewall (WAF) package for Laravel\n\n![Downloads](https://img.shields.io/packagist/dt/akaunting/laravel-firewall)\n![Tests](https://img.shields.io/github/actions/workflow/status/akaunting/laravel-firewall/tests.yml?label=tests)\n[![StyleCI](https://github.styleci.io/repos/197242392/shield?style=flat\u0026branch=master)](https://styleci.io/repos/197242392)\n[![License](https://img.shields.io/github/license/akaunting/laravel-firewall)](LICENSE.md)\n\nThis package intends to protect your Laravel app from different type of attacks such as XSS, SQLi, RFI, LFI, User Agent, and a lot more. It will also block repeated attacks and send notification via email and/or slack when attack is detected. Furthermore, it will log failed logins and block the IP after a number of attempts.\n\nNote: Some middleware classes (i.e. Xss) are empty as the `Middleware` abstract class that they extend does all of the job, dynamically. In short, they all works ;)\n\n## Getting Started\n\n### 1. Install\n\nRun the following command:\n\n```bash\ncomposer require akaunting/laravel-firewall\n```\n\n### 2. Publish\n\nPublish configuration, language, and migrations\n\n```bash\nphp artisan vendor:publish --tag=firewall\n```\n\n### 3. Database\n\nCreate db tables\n\n```bash\nphp artisan migrate\n```\n\n### 4. Configure\n\nYou can change the firewall settings of your app from `config/firewall.php` file\n\n## Usage\n\nMiddlewares are already defined so should just add them to routes. The `firewall.all` middleware applies all the middlewares available in the `all_middleware` array of config file.\n\n```php\nRoute::group(['middleware' =\u003e 'firewall.all'], function () {\n    Route::get('/', 'HomeController@index');\n});\n```\n\nYou can apply each middleware per route. For example, you can allow only whitelisted IPs to access admin:\n\n```php\nRoute::group(['middleware' =\u003e 'firewall.whitelist'], function () {\n    Route::get('/admin', 'AdminController@index');\n});\n```\n\nOr you can get notified when anyone NOT in `whitelist` access admin, by adding it to the `inspections` config:\n\n```php\nRoute::group(['middleware' =\u003e 'firewall.url'], function () {\n    Route::get('/admin', 'AdminController@index');\n});\n```\n\nAvailable middlewares applicable to routes:\n\n```php\nfirewall.all\n\nfirewall.agent\nfirewall.bot\nfirewall.geo\nfirewall.ip\nfirewall.lfi\nfirewall.php\nfirewall.referrer\nfirewall.rfi\nfirewall.session\nfirewall.sqli\nfirewall.swear\nfirewall.url\nfirewall.whitelist\nfirewall.xss\n```\n\nYou may also define `routes` for each middleware in `config/firewall.php` and apply that middleware or `firewall.all` at the top of all routes.\n\n## Notifications\n\nFirewall will send a notification as soon as an attack has been detected. Emails entered in `notifications.email.to` config must be valid Laravel users in order to send notifications. Check out the Notifications documentation of Laravel for further information.\n\n## Changelog\n\nPlease see [Releases](../../releases) for more information on what has changed recently.\n\n## Contributing\n\nPull requests are more than welcome. You must follow the PSR coding standards.\n\n## Security\n\nPlease review [our security policy](https://github.com/akaunting/laravel-firewall/security/policy) on how to report security vulnerabilities.\n\n## Credits\n\n- [Denis Duliçi](https://github.com/denisdulici)\n- [All Contributors](../../contributors)\n\n## License\n\nThe MIT License (MIT). Please see [LICENSE](LICENSE.md) for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fakaunting%2Flaravel-firewall","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fakaunting%2Flaravel-firewall","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fakaunting%2Flaravel-firewall/lists"}