PHPackages emotality/laravel-block-cf-origin - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. emotality/laravel-block-cf-origin ActiveLibrary[Security](/categories/security) emotality/laravel-block-cf-origin ================================= Laravel package to block direct requests to your Cloudlfare-protected origin server. 1.0.2(1y ago)08MITPHPPHP ^8.0 Since May 5Pushed 1y ago1 watchersCompare [ Source](https://github.com/emotality/laravel-block-cf-origin)[ Packagist](https://packagist.org/packages/emotality/laravel-block-cf-origin)[ Docs](https://github.com/emotality/laravel-block-cf-origin)[ Fund](https://www.buymeacoffee.com/emotality)[ GitHub Sponsors](https://github.com/emotality)[ RSS](/packages/emotality-laravel-block-cf-origin/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (6)Versions (5)Used By (0) Block non-Cloudflare requests in Laravel ======================================== [](#block-non-cloudflare-requests-in-laravel) [![License](https://camo.githubusercontent.com/2aab9b5023c5ed6f2fc0731980f2a83e09a5088952dadc5aa6b3e708b32eadd3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f656d6f74616c6974792f6c61726176656c2d626c6f636b2d63662d6f726967696e)](https://packagist.org/packages/emotality/laravel-block-cf-origin) [![Latest Version](https://camo.githubusercontent.com/fcef46643cb3b2dbe5b6e547f43585a77cf1bff8f93096e39cfc7a871320cdc0/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f656d6f74616c6974792f6c61726176656c2d626c6f636b2d63662d6f726967696e)](https://packagist.org/packages/emotality/laravel-block-cf-origin) [![Total Downloads](https://camo.githubusercontent.com/3de8cc32d62bf7befa2f4fdd8cc442c4b706c797f39578b2db5f81b740c7a88d/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f656d6f74616c6974792f6c61726176656c2d626c6f636b2d63662d6f726967696e)](https://packagist.org/packages/emotality/laravel-block-cf-origin) Laravel package to block direct requests to your Cloudlfare-protected origin server. [ ![](https://raw.githubusercontent.com/emotality/files/master/GitHub/Cloudflare.png) ](https://www.cloudflare.com) Overview -------- [](#overview) This packages should only be used when the following applies: 1. You can't add firewall rules (to only accept requests from CF Edge IP addresses) because your server is shared with other projects that don't use Cloudflare. If you have a single app running on your server, rather add firewall rules. 2. You can't add deny/allow rules to your Nginx/Apache config because you are using the `set_real_ip_from` / `mod_remoteip` module to forward the user's real IP *(X-Forwarded-For)*. If you don't need to forward the user's real IP, rather add deny/allow rules to your Nginx/Apache config. 3. You can't install `cloudflared` and create a tunnel. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) *See [Useful Links](#useful-links) section below for more information.* Requirements ------------ [](#requirements) - PHP 8.0+ - PHP Redis extension - Laravel 9.0+ *\*Note: This package only supports the Redis cache driver!* Installation ------------ [](#installation) 1. `composer require emotality/laravel-block-cf-origin` 2. `php artisan vendor:publish --provider="Emotality\Cloudflare\CloudflareBlockOriginServiceProvider"` 3. Add the middleware in `app/Http/Kernel.php`: ``` protected $middleware = [ \Emotality\Cloudflare\BlockNonCloudflareRequests::class, // Top is preferred ... ]; ``` 4. Add the cronjob to update Cloudflare's netmasks: ``` protected function schedule(Schedule $schedule): void { ... $schedule->call(new \Emotality\Cloudflare\GetNetmasks)->weekly(); } ``` 5. Update your `config/cloudflare-block.php` config and `.env` accordingly. 6. Add FastCGI (PHP-FPM) param to your Nginx config: ``` server { server_name example.com; ... location ~ \.php$ { fastcgi_pass unix:/var/run/php/php8.2-fpm.sock; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param CF_EDGE_IP $realip_remote_addr;