PHPackages aureola/laravel-teapot - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. aureola/laravel-teapot ActiveLibrary[Security](/categories/security) aureola/laravel-teapot ====================== Laravel teapot to trap vulnerability scanners and integrate with fail2ban via HTTP 418 v1.0.0(4mo ago)2892↑744.4%MITPHPPHP ^8.1 Since Feb 3Pushed 4mo agoCompare [ Source](https://github.com/aureola-codes/laravel-teapot)[ Packagist](https://packagist.org/packages/aureola/laravel-teapot)[ RSS](/packages/aureola-laravel-teapot/feed)WikiDiscussions master Synced 3w ago READMEChangelogDependencies (5)Versions (2)Used By (0) Aureola Laravel Teapot ====================== [](#aureola-laravel-teapot) Responds with **HTTP 418 I'm a Teapot** when a request hits a teapot path. Use with [fail2ban](https://www.fail2ban.org/) to ban those IPs. How it works ------------ [](#how-it-works) - You list path patterns in `config/teapot.php`. - If the request path matches, the app returns **418** (via the fallback for unmatched URLs). - Your server logs 418; fail2ban reads the log and bans the IP. Installation ------------ [](#installation) ``` composer require aureola/laravel-teapot ``` Nothing else to do; the package registers itself. Configuration ------------- [](#configuration) Publish and edit the config: ``` php artisan vendor:publish --tag=teapot-config ``` `paths` is an array of **regex alternatives** (matched from the start of the path, case-insensitive). Escape special chars for literals: `\.` for a dot, `\/` for a slash. ``` 'paths' => [ '\.env', '\.git\/', 'wp-admin', '\.env(\..*)?', // ... ], ``` **ignore\_logged\_in** – when `true`, authenticated users are never treated as teapot hits. Fail2ban -------- [](#fail2ban) This repo includes fail2ban configs in **`fail2ban/`**: - **Nginx:** copy `fail2ban/filter.d/nginx-teapot.conf` and `fail2ban/jail.d/nginx-teapot.conf` to `/etc/fail2ban/filter.d/` and `/etc/fail2ban/jail.d/`. - **Apache:** copy `fail2ban/filter.d/apache-teapot.conf` and `fail2ban/jail.d/apache-teapot.conf` instead. Adjust `logpath` in the jail if your access log is elsewhere. Then restart fail2ban: `sudo fail2ban-client restart` What the package registers -------------------------- [](#what-the-package-registers) A **fallback** for unmatched URLs: 418 if the path matches a teapot pattern, 404 otherwise. Statamic Compatibility ---------------------- [](#statamic-compatibility) This package is compatible with [Statamic CMS](https://statamic.com/). When Statamic is installed, the package automatically adds the `CheckTeapot` middleware to the `statamic.web` middleware group, ensuring teapot paths are checked on all Statamic web requests. Requirements ------------ [](#requirements) - PHP 8.1+ - Laravel 10.x, 11.x, or 12.x License ------- [](#license) MIT License, Copyright (c) 2026 Christian Hanne ### Health Score 39 — LowBetter than 85% of packages Maintenance74 Regular maintenance activity Popularity23 Limited adoption so far Community6 Small or concentrated contributor base Maturity43 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 143d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/b0c8c21c4b75082fa0d7a1c41cc59e89c15602ca0115dee12d968a8039045d05?d=identicon)[aureola](/maintainers/aureola) --- Top Contributors [![christianhanne](https://avatars.githubusercontent.com/u/16824279?v=4)](https://github.com/christianhanne "christianhanne (1 commits)") --- Tags laravelsecuritystatamicvulnerability scannerfail2banteapot ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/aureola-laravel-teapot/health.svg) ``` [![Health](https://phpackages.com/badges/aureola-laravel-teapot/health.svg)](https://phpackages.com/packages/aureola-laravel-teapot) ``` ### Alternatives [psalm/plugin-laravel Psalm plugin for Laravel 3345.1M337](/packages/psalm-plugin-laravel)[laravel/mcp Rapidly build MCP servers for your Laravel applications. 76518.2M120](/packages/laravel-mcp)[api-platform/laravel API Platform support for Laravel 59156.3k11](/packages/api-platform-laravel)[fleetbase/core-api Core Framework and Resources for Fleetbase API 1232.2k16](/packages/fleetbase-core-api) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)