PHPackages ctw/ctw-middleware-generatedby - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. ctw/ctw-middleware-generatedby ActiveLibrary[HTTP & Networking](/categories/http) ctw/ctw-middleware-generatedby ============================== This PSR-15 middleware adds an X-Generated-By UUID v5 to the Response header. 4.0.4(5mo ago)121BSD-3-ClausePHPPHP ^8.3CI passing Since Mar 13Pushed 5mo ago1 watchersCompare [ Source](https://github.com/jonathanmaron/ctw-middleware-generatedby)[ Packagist](https://packagist.org/packages/ctw/ctw-middleware-generatedby)[ RSS](/packages/ctw-ctw-middleware-generatedby/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (7)Versions (35)Used By (0) Package "ctw/ctw-middleware-generatedby" ======================================== [](#package-ctwctw-middleware-generatedby) [![Latest Stable Version](https://camo.githubusercontent.com/c3c3ccd42025b56f17a8e28d2acc753192030aed6448d228a7bf05a0d492b65e/68747470733a2f2f706f7365722e707567782e6f72672f6374772f6374772d6d6964646c65776172652d67656e65726174656462792f762f737461626c65)](https://packagist.org/packages/ctw/ctw-middleware-generatedby)[![GitHub Actions](https://github.com/jonathanmaron/ctw-middleware-generatedby/actions/workflows/tests.yml/badge.svg)](https://github.com/jonathanmaron/ctw-middleware-generatedby/actions/workflows/tests.yml)[![Scrutinizer Build](https://camo.githubusercontent.com/4e8db98beb80015251b067dc5286e99beda181bc470db4adf72bc6c286266c58/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6a6f6e617468616e6d61726f6e2f6374772d6d6964646c65776172652d67656e65726174656462792f6261646765732f6275696c642e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/jonathanmaron/ctw-middleware-generatedby/build-status/master)[![Scrutinizer Quality](https://camo.githubusercontent.com/34707d42c816984041bcac788ce937b50d3654ddfcde5b09144267affe581c51/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6a6f6e617468616e6d61726f6e2f6374772d6d6964646c65776172652d67656e65726174656462792f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/jonathanmaron/ctw-middleware-generatedby/?branch=master)[![Code Coverage](https://camo.githubusercontent.com/cdcb92d8f6321f45ee6eec4d5c449b382e57d3fd15a4d4604a1c8da6d4691762/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6a6f6e617468616e6d61726f6e2f6374772d6d6964646c65776172652d67656e65726174656462792f6261646765732f636f7665726167652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/jonathanmaron/ctw-middleware-generatedby/?branch=master) PSR-15 middleware that adds an `X-Generated-By` header containing a UUID v5 identifier derived from server IP and hostname, enabling anonymous server identification in load-balanced environments. Introduction ------------ [](#introduction) ### Why This Library Exists [](#why-this-library-exists) In multi-server deployments behind load balancers, identifying which application server processed a request is essential for debugging and monitoring. However, exposing server IP addresses in response headers creates security risks and violates infrastructure privacy. This middleware generates a deterministic UUID v5 from the server's IP address (`SERVER_ADDR`) and hostname (`SERVER_NAME`): - **Anonymous identification**: Each server gets a unique, consistent UUID without exposing its IP - **Debugging capability**: Quickly identify which server in a cluster handled a specific request - **Security preservation**: UUIDs cannot be reverse-engineered to reveal server addresses - **Consistent tracking**: The same server always produces the same UUID ### Problems This Library Solves [](#problems-this-library-solves) 1. **Blind load balancing**: Without server identification, debugging issues in clustered environments is difficult 2. **IP address exposure**: Traditional `X-Served-By` headers often expose internal IPs, creating security risks 3. **Inconsistent identification**: Random request IDs don't help identify servers across multiple requests 4. **Infrastructure leakage**: Server hostnames and IPs can reveal infrastructure topology to attackers 5. **Log correlation**: Matching application logs to specific servers without a stable identifier is challenging ### Where to Use This Library [](#where-to-use-this-library) - **Load-balanced deployments**: Identify which backend server handled each request - **Kubernetes/container environments**: Track requests to specific pods without exposing pod IPs - **Multi-region deployments**: Distinguish between geographic server locations - **Debugging sessions**: Correlate client-side errors with specific server instances - **Performance analysis**: Identify servers with different performance characteristics ### Design Goals [](#design-goals) 1. **Privacy-preserving**: Uses UUID v5 hashing to hide actual server details 2. **Deterministic**: Same server always produces the same UUID across restarts 3. **Standards-based**: Uses RFC 4122 UUID v5 (SHA-1 namespace-based) 4. **Minimal overhead**: UUID generation is computationally trivial 5. **Non-intrusive**: Adds metadata header without modifying response content Requirements ------------ [](#requirements) - PHP 8.3 or higher - ctw/ctw-middleware ^4.0 - ramsey/uuid ^4.1 Installation ------------ [](#installation) Install by adding the package as a [Composer](https://getcomposer.org) requirement: ``` composer require ctw/ctw-middleware-generatedby ``` Usage Examples -------------- [](#usage-examples) ### Basic Pipeline Registration (Mezzio) [](#basic-pipeline-registration-mezzio) ``` use Ctw\Middleware\GeneratedByMiddleware\GeneratedByMiddleware; // In config/pipeline.php or similar $app->pipe(GeneratedByMiddleware::class); ``` ### Response Header Output [](#response-header-output) ``` HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 X-Generated-By: 78ac0e14-0f2b-529e-81e2-a0f50f6029c5 ``` ### Inspecting with cURL [](#inspecting-with-curl) ``` curl -I https://example.com/ # Response includes: # X-Generated-By: 78ac0e14-0f2b-529e-81e2-a0f50f6029c5 ``` ### ConfigProvider Registration [](#configprovider-registration) The package includes a `ConfigProvider` for automatic factory registration: ``` // config/config.php return [ // ... \Ctw\Middleware\GeneratedByMiddleware\ConfigProvider::class, ]; ``` ### UUID Generation [](#uuid-generation) The UUID v5 is generated from a combination of server parameters: ParameterSourceExampleServer IP`$_SERVER['SERVER_ADDR']``192.168.1.100`Server Name`$_SERVER['SERVER_NAME']``www.example.com`CombinedConcatenated, lowercased`192.168.1.100www.example.com`UUID v5SHA-1 hash with URL namespace`78ac0e14-0f2b-529e-81e2-a0f50f6029c5`### Server Identification Table [](#server-identification-table) Create a mapping table for your infrastructure: ServerIPHostnameUUIDweb-0110.0.1.10app.example.com`a1b2c3d4-...`web-0210.0.1.11app.example.com`e5f6g7h8-...`web-0310.0.1.12app.example.com`i9j0k1l2-...`This allows you to identify servers from response headers without exposing infrastructure details. ### Health Score 45 — FairBetter than 92% of packages Maintenance70 Regular maintenance activity Popularity8 Limited adoption so far Community7 Small or concentrated contributor base Maturity79 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~52 days Recently: every ~131 days Total 34 Last Release 169d ago Major Versions 1.0.2 → 2.0.02022-02-14 2.0.0 → 3.0.02022-07-07 3.0.24 → 4.0.02024-06-18 PHP version history (4 changes)1.0.0PHP ^7.4 || ^8.0 3.0.0PHP ^8.0 3.0.9PHP ^8.1 4.0.0PHP ^8.3 ### Community Maintainers ![](https://www.gravatar.com/avatar/18d8bc9bdee8ab1b0cfccce6a06d2438acbed3a58b0046c4834c5678f6769342?d=identicon)[jonathanmaron](/maintainers/jonathanmaron) --- Top Contributors [![jonathanmaron](https://avatars.githubusercontent.com/u/298462?v=4)](https://github.com/jonathanmaron "jonathanmaron (57 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/ctw-ctw-middleware-generatedby/health.svg) ``` [![Health](https://phpackages.com/badges/ctw-ctw-middleware-generatedby/health.svg)](https://phpackages.com/packages/ctw-ctw-middleware-generatedby) ``` ### Alternatives [api-platform/core Build a fully-featured hypermedia or GraphQL API in minutes! 2.6k48.1M236](/packages/api-platform-core)[shopify/shopify-api Shopify API Library for PHP 4634.8M16](/packages/shopify-shopify-api)[api-platform/state API Platform state interfaces 223.4M57](/packages/api-platform-state)[mezzio/mezzio-swoole Swoole support for Mezzio 92238.9k3](/packages/mezzio-mezzio-swoole)[laminas/laminas-psr7bridge Bidirectional conversions between PSR-7 and laminas-http messages 117.9M18](/packages/laminas-laminas-psr7bridge)[mezzio/mezzio-authentication-oauth2 OAuth2 (server) authentication middleware for Mezzio and PSR-7 applications. 28483.0k2](/packages/mezzio-mezzio-authentication-oauth2) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)