Laravel Firewall Package


August 6th, 2019

Laravel Firewall Package

The Laravel Firewall by Denis Duliçi is a package with various different middleware that do things like prevent various types of attacks:

This package intends to protect your Laravel app from different type of attacks such as XSS, SQLi, RFI, LFI, User Agent, and a lot more. It will also block repeated attacks and send notification via email and/or slack when attack is detected. Furthermore, it will log failed logins and block the IP after a number of attempts.

Here’s an example of the firewall whitelist middleware which you could use for something like only allowing whitelisted IPs access to your app’s admin routes:

Route::group(['middleware' => 'firewall.whitelist'], function () {
Route::get('/admin', 'AdminController@index');

Because the documentation isn’t finished (yet), I would recommend checking out the middleware code to see how each works before use. Learn which configuration options are available, how the middleware might trigger an alert event, and how you can configure it. Some of the middleware might also be a work in progress, so there might be an opportunity to contribute back to the project.

You can learn more about this package, get full installation instructions, and view the source code on GitHub at akaunting/firewall.

Filed in:

Paul Redmond

Full stack web developer. Author of Lumen Programming Guide and Docker for PHP Developers.