{"id":36992139,"url":"https://github.com/securenative/securenative-php","last_synced_at":"2026-01-13T23:44:18.335Z","repository":{"id":56025738,"uuid":"204917058","full_name":"securenative/securenative-php","owner":"securenative","description":"SecureNative SDK for PHP","archived":false,"fork":false,"pushed_at":"2020-11-30T15:12:09.000Z","size":123,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-07-28T00:53:04.954Z","etag":null,"topics":["php","sdk","securenative","security-platform"],"latest_commit_sha":null,"homepage":"https://securenative.com","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/securenative.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-08-28T11:35:53.000Z","updated_at":"2020-11-30T14:31:39.000Z","dependencies_parsed_at":"2022-08-15T11:40:34.486Z","dependency_job_id":null,"html_url":"https://github.com/securenative/securenative-php","commit_stats":null,"previous_names":[],"tags_count":25,"template":false,"template_full_name":null,"purl":"pkg:github/securenative/securenative-php","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/securenative%2Fsecurenative-php","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/securenative%2Fsecurenative-php/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/securenative%2Fsecurenative-php/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/securenative%2Fsecurenative-php/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/securenative","download_url":"https://codeload.github.com/securenative/securenative-php/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/securenative%2Fsecurenative-php/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28405181,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-13T21:51:37.118Z","status":"ssl_error","status_checked_at":"2026-01-13T21:45:14.585Z","response_time":56,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["php","sdk","securenative","security-platform"],"created_at":"2026-01-13T23:44:17.753Z","updated_at":"2026-01-13T23:44:18.329Z","avatar_url":"https://github.com/securenative.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://www.securenative.com\"\u003e\u003cimg src=\"https://user-images.githubusercontent.com/45174009/77826512-f023ed80-7120-11ea-80e0-58aacde0a84e.png\" alt=\"SecureNative Logo\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cb\u003eA Cloud-Native Security Monitoring and Protection for Modern Applications\u003c/b\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/securenative/securenative-php\"\u003e\n    \u003cimg alt=\"Github Actions\" src=\"https://github.com/securenative/securenative-php/workflows/CI/badge.svg\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://codecov.io/gh/securenative/securenative-php\"\u003e\n    \u003cimg src=\"https://codecov.io/gh/securenative/securenative-php/branch/master/graph/badge.svg\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://packagist.org/packages/securenative/securenative-php\"\u003e\n  \u003cimg src=\"https://img.shields.io/packagist/v/securenative/securenative-php\" alt=\"npm version\" height=\"20\"\u003e\n    \u003c/a\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://docs.securenative.com\"\u003eDocumentation\u003c/a\u003e |\n  \u003ca href=\"https://docs.securenative.com/quick-start\"\u003eQuick Start\u003c/a\u003e |\n  \u003ca href=\"https://blog.securenative.com\"\u003eBlog\u003c/a\u003e |\n  \u003ca href=\"\"\u003eChat with us on Slack!\u003c/a\u003e\n\u003c/p\u003e\n\u003chr/\u003e\n\n\n[SecureNative](https://www.securenative.com/) performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.\n\n## Install the SDK\n\nWhen using Composer run the following command:\n```shell script\n$ composer require securenative/securenative-php\n```\n\n### Add required imports\n```php\nrequire_once __DIR__ . '/vendor/autoload.php';\n\nuse SecureNative\\sdk\\SecureNative;\nuse SecureNative\\sdk\\SecureNativeOptions;\nuse SecureNative\\sdk\\EventTypes;\nuse SecureNative\\sdk\\SecureNativeContext;\n```\n\n## Initialize the SDK\n\nTo get your *API KEY*, login to your SecureNative account and go to project settings page:\n\n### Option 1: Initialize via API_KEY and SecureNativeOptions\n```php\n$options = new SecureNativeOptions();\n$options-\u003esetTimeout(100)\n    -\u003esetApiUrl(\"API URL\")\n    -\u003esetDisable(false)\n    -\u003esetInterval(100)\n    -\u003esetAutoSend(true)\n    -\u003esetMaxEvents(10)\n    -\u003esetLogLevel('fatal');\n\n// Passing `$options` is optional, will use default params\nSecureNative::init(\"[API_KEY]\", $options);\n```\n### Option 2: Initialize via configuration file\n\nAttach `securenative.json` file to your root folder:\n\n```json\n{\n  \"SECURENATIVE_API_KEY\": \"YOUR_API_KEY\",\n  \"SECURENATIVE_APP_NAME\": \"APP_NAME\",\n  \"SECURENATIVE_API_URL\": \"API_URL\",\n  \"SECURENATIVE_INTERVAL\": 1000,\n  \"SECURENATIVE_MAX_EVENTS\": 100,\n  \"SECURENATIVE_TIMEOUT\": 1500,\n  \"SECURENATIVE_AUTO_SEND\": true,\n  \"SECURENATIVE_DISABLE\": false,\n  \"SECURENATIVE_LOG_LEVEL\": \"fatal\"\n}\n```\nThen, call SDK's `init` function without props (sending props will override JSON configurations).\n```php\nSecureNative::init();\n```\n\n### Option 3: Initialize via environment variables\n\nPass desired environment variables (for example):\n\n```shell script\nSECURENATIVE_API_KEY=TEST_KEY\nSECURENATIVE_API_URL=http://url\nSECURENATIVE_INTERVAL=100\nSECURENATIVE_MAX_EVENTS=30\nSECURENATIVE_TIMEOUT=1500\nSECURENATIVE_AUTO_SEND=true\nSECURENATIVE_DISABLE=false\nSECURENATIVE_LOG_LEVEL=fatal\n```\n\nThen, call SDK's `init` function without props (sending props will override JSON configurations).\n```php\nSecureNative::init();\n```\n\n## Tracking events\n\nOnce the SDK has been initialized, tracking requests sent through the SDK\ninstance.\n\n```php\n$clientToken = \"[SECURED_CLIENT_TOKEN]\";\n$headers = (object)[\"user-agent\" =\u003e \"Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us\"];\n$ip = \"79.179.88.157\";\n$remoteIp = null;\n$url = null;\n$method = null;\n$body = null;\n\n$ctx = new SecureNativeContext($clientToken, $ip, $remoteIp, $headers, $url, $method, $body);\n\nSecureNative::track(array(\n    'event' =\u003e EventTypes::LOG_IN,\n    'context' =\u003e $ctx,\n    'userId' =\u003e '1234',\n    'userTraits' =\u003e (object)[\n        'name' =\u003e 'Your Name',\n        'email' =\u003e 'name@gmail.com'\n    ],\n    // Custom properties\n    'properties' =\u003e (object)[\n        \"custom_param1\" =\u003e \"CUSTOM_PARAM_VALUE\",\n        \"custom_param2\" =\u003e true,\n        \"custom_param3\" =\u003e 3\n    ]\n));\n ```\n\nYou can also create request context from request:\n ```php\nSecureNative::track(array(\n    'event' =\u003e EventTypes::LOG_IN,\n    'context' =\u003e SecureNative::contextFromContext(),\n    'userId' =\u003e '1234',\n    'userTraits' =\u003e (object)[\n        'name' =\u003e 'Your Name',\n        'email' =\u003e 'name@gmail.com'\n    ],\n    // Custom properties\n    'properties' =\u003e (object)[\n        \"custom_param1\" =\u003e \"CUSTOM_PARAM_VALUE\",\n        \"custom_param2\" =\u003e true,\n        \"custom_param3\" =\u003e 3\n    ]\n));\n ```\n\n## Verify events\n\n**Example**\n\n```php\n$options = new SecureNativeOptions();\n\n$ver = SecureNative::verify(array(\n    'event' =\u003e EventTypes::VERIFY,\n    'userId' =\u003e '1234',\n    'context' =\u003e SecureNative::fromRequest(),\n    'userTraits' =\u003e (object)[\n        'name' =\u003e 'Your Name',\n        'email' =\u003e 'name@gmail.com'\n    ]\n));\n\nprint_r($ver-\u003eriskLevel);   // (Low, Medium, High)\nprint_r($ver-\u003escore);       // (0 - Very Low, 1 - Very High)\nprint_r($ver-\u003etriggers);    // (Example: [\"TOR\", \"New IP\", \"New City\"])\n```\n\n## Webhook signature verification\n\nApply our filter to verify the request is from us, for example:\n\n```php\n$verified = SecureNative::getMiddleware()-\u003everifySignature();\n\nif ($verified) {\n    // Request is trusted (coming from SecureNative) \n}\n ```\n\n## Extract proxy headers from cloud providers\n\nYou can specify custom header keys to allow extraction of client ip from different providers.\nThis example demonstrates the usage of proxy headers for ip extraction from Cloudflare.\n\n### Option 1: Using config file\n```json\n{\n    \"SECURENATIVE_API_KEY\": \"YOUR_API_KEY\",\n    \"SECURENATIVE_PROXY_HEADERS\": [\"CF-Connecting-IP\"]\n}\n```\n\nInitialize sdk as shown above.\n\n### Options 2: Using ConfigurationBuilder\n\n```php\n$options = new SecureNativeOptions();\n$options-\u003esetProxyHeaders([\"CF-Connecting-IP\"]);\n\nSecureNative::init();\n``` \n\n\n## Remove PII Data From Headers\n\nBy default, SecureNative SDK remove any known pii headers from the received request.\nWe also support using custom pii headers and regex matching via configuration, for example:\n\n### Option 1: Using config file\n```json\n{\n    \"SECURENATIVE_API_KEY\": \"YOUR_API_KEY\",\n    \"SECURENATIVE_PII_HEADERS\": [\"apiKey\"]\n}\n```\n\nInitialize sdk as shown above.\n\n### Options 2: Using ConfigurationBuilder\n\n```php\n$options = new SecureNativeOptions();\n$options-\u003esetPiiRegexPattern(\"/http_auth_/i\");\n\nSecureNative::init();\n``` ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecurenative%2Fsecurenative-php","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsecurenative%2Fsecurenative-php","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecurenative%2Fsecurenative-php/lists"}