PHPackages agenter-labs/laravel-firewall - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. agenter-labs/laravel-firewall ActiveLibrary[Security](/categories/security) agenter-labs/laravel-firewall ============================= Web Application Firewall (WAF) package for Laravel 2.0.0(4y ago)0350MITPHPPHP ^8.1 Since Jul 16Pushed 4y ago1 watchersCompare [ Source](https://github.com/agenter-labs/laravel-firewall)[ Packagist](https://packagist.org/packages/agenter-labs/laravel-firewall)[ RSS](/packages/agenter-labs-laravel-firewall/feed)WikiDiscussions master Synced yesterday READMEChangelogDependencies (5)Versions (29)Used By (0) Web Application Firewall (WAF) package for Laravel ================================================== [](#web-application-firewall-waf-package-for-laravel) [![Downloads](https://camo.githubusercontent.com/3421595491cf137b12a82c06b5f173d2135d6a1b4314a721e43001ee752f90e3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f4167656e7465724c61622f6c61726176656c2d6669726577616c6c)](https://camo.githubusercontent.com/3421595491cf137b12a82c06b5f173d2135d6a1b4314a721e43001ee752f90e3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f4167656e7465724c61622f6c61726176656c2d6669726577616c6c)[![Tests](https://camo.githubusercontent.com/a244227fa47e3de39a6452d98872d0d83c08f3ff475c5df2181164fddcec5f04/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f4167656e7465724c61622f6c61726176656c2d6669726577616c6c2f54657374733f6c6162656c3d7465737473)](https://camo.githubusercontent.com/a244227fa47e3de39a6452d98872d0d83c08f3ff475c5df2181164fddcec5f04/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f4167656e7465724c61622f6c61726176656c2d6669726577616c6c2f54657374733f6c6162656c3d7465737473)[![StyleCI](https://camo.githubusercontent.com/cfd7c06967d33db2f9b076f855751b2b6f9aabd2a67201bafc219affcd99cc20/68747470733a2f2f6769746875622e7374796c6563692e696f2f7265706f732f3139373234323339322f736869656c643f7374796c653d666c6174266272616e63683d6d6173746572)](https://styleci.io/repos/197242392)[![Quality](https://camo.githubusercontent.com/a54c1d4a0864aa5584f6da3ce9fd59b5c5fa7bc73d3e9214260744e515c15f54/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f7175616c6974792f672f4167656e7465724c61622f6c61726176656c2d6669726577616c6c3f6c6162656c3d7175616c697479)](https://scrutinizer-ci.com/g/AgenterLab/laravel-firewall)[![License](https://camo.githubusercontent.com/66343284c27db91800262989c05b463f85e0fd83a7ec91b13b669c90c28a6e27/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f4167656e7465724c61622f6c61726176656c2d6669726577616c6c)](LICENSE.md) This package intends to protect your Laravel app from different type of attacks such as XSS, SQLi, RFI, LFI, User Agent, and a lot more. It will also block repeated attacks and send notification via email and/or slack when attack is detected. Furthermore, it will log failed logins and block the IP after a number of attempts. Note: Some middleware classes (i.e. Xss) are empty as the `Middleware` abstract class that they extend does all of the job, dynamically. In short, they all works ;) Getting Started --------------- [](#getting-started) ### 1. Install [](#1-install) Run the following command: ``` composer require AgenterLab/laravel-firewall ``` ### 2. Register (for Laravel < 5.5) [](#2-register-for-laravel--55) Register the service provider in `config/app.php` ``` AgenterLab\Firewall\Provider::class, ``` ### 3. Publish [](#3-publish) Publish configuration, language, and migrations ``` php artisan vendor:publish --tag=firewall ``` ### 4. Database [](#4-database) Create db tables ``` php artisan migrate ``` ### 5. Configure [](#5-configure) You can change the firewall settings of your app from `config/firewall.php` file Usage ----- [](#usage) Middlewares are already defined so should just add them to routes. The `firewall.all` middleware applies all the middlewares available in the `all_middleware` array of config file. ``` Route::group(['middleware' => 'firewall.all'], function () { Route::get('/', 'HomeController@index'); }); ``` You can apply each middleware per route. For example, you can allow only whitelisted IPs to access admin: ``` Route::group(['middleware' => 'firewall.whitelist'], function () { Route::get('/admin', 'AdminController@index'); }); ``` Or you can get notified when anyone NOT in `whitelist` access admin, by adding it to the `inspections` config: ``` Route::group(['middleware' => 'firewall.url'], function () { Route::get('/admin', 'AdminController@index'); }); ``` Available middlewares applicable to routes: ``` firewall.all firewall.agent firewall.bot firewall.geo firewall.ip firewall.lfi firewall.php firewall.referrer firewall.rfi firewall.session firewall.sqli firewall.swear firewall.url firewall.whitelist firewall.xss ``` You may also define `routes` for each middleware in `config/firewall.php` and apply that middleware or `firewall.all` at the top of all routes. Notifications ------------- [](#notifications) Firewall will send a notification as soon as an attack has been detected. Emails entered in `notifications.email.to` config must be valid Laravel users in order to send notifications. Check out the Notifications documentation of Laravel for further information. Changelog --------- [](#changelog) Please see [Releases](../../releases) for more information what has changed recently. Contributing ------------ [](#contributing) Pull requests are more than welcome. You must follow the PSR coding standards. Security -------- [](#security) If you discover any security related issues, please email instead of using the issue tracker. Credits ------- [](#credits) - [Denis Duliçi](https://github.com/denisdulici) - [All Contributors](../../contributors) License ------- [](#license) The MIT License (MIT). Please see [LICENSE](LICENSE.md) for more information. ### Health Score 33 — LowBetter than 75% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity12 Limited adoption so far Community9 Small or concentrated contributor base Maturity78 Established project with proven stability Bus Factor1 Top contributor holds 94.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~36 days Recently: every ~99 days Total 28 Last Release 1499d ago Major Versions 1.3.1 → 2.0.02022-04-04 PHP version history (3 changes)1.0.0PHP >=5.6.4 1.3.0PHP >=7.0 2.0.0PHP ^8.1 ### Community Maintainers ![](https://www.gravatar.com/avatar/bd46fd4f768f5e375e0cae98652143335896c9bcb188ae404751e82cefbebcf7?d=identicon)[agenter-labs](/maintainers/agenter-labs) --- Top Contributors [![denisdulici](https://avatars.githubusercontent.com/u/5254835?v=4)](https://github.com/denisdulici "denisdulici (73 commits)")[![mozami](https://avatars.githubusercontent.com/u/613641?v=4)](https://github.com/mozami "mozami (4 commits)") --- Tags laravelsecurityxssblacklistfirewallsqliwafrfilfi ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/agenter-labs-laravel-firewall/health.svg) ``` [![Health](https://phpackages.com/badges/agenter-labs-laravel-firewall/health.svg)](https://phpackages.com/packages/agenter-labs-laravel-firewall) ``` ### Alternatives [akaunting/laravel-firewall Web Application Firewall (WAF) package for Laravel 999465.8k2](/packages/akaunting-laravel-firewall)[masterro/laravel-xss-filter Filter user input for XSS but don't touch other html 41254.5k](/packages/masterro-laravel-xss-filter) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)