PHPackages                             jorisvaesen/cakephp-antiflood - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. jorisvaesen/cakephp-antiflood

ActiveCakephp-plugin[Security](/categories/security)

jorisvaesen/cakephp-antiflood
=============================

CakePHP plugin to secure login forms from brute force attacks

027PHP

Since Sep 4Pushed 8y ago1 watchersCompare

[ Source](https://github.com/jorisvaesen/cakephp-antiflood)[ Packagist](https://packagist.org/packages/jorisvaesen/cakephp-antiflood)[ RSS](/packages/jorisvaesen-cakephp-antiflood/feed)WikiDiscussions master Synced 2mo ago

READMEChangelogDependenciesVersions (1)Used By (0)

cakephp-antiflood
=================

[](#cakephp-antiflood)

Installation
------------

[](#installation)

```
composer require jorisvaesen/cakephp-antiflood:"dev-master"

bin/cake plugin load --bootstrap JorisVaesen/Antiflood

```

UsersController.php

```
public function initialize()
{
    parent::initialize();

    $this->loadComponent('JorisVaesen/Antiflood.Antiflood', [
        'ip' => true,   // filter by IP
        'cacheConfig' => 'antiflood', // cache config used to save attampts
        'maxAttempts' => 3, // maximum attempts within cache config duration
        'salt' => true, // salt identifier to be unique for an application (true = securiy salt, string = custom salt, false = not salted)
        'log' => false, // write ip and identifier to database when maxAttempts is reached, false to disable, true to enable, callback to use a custom function
    ]);
}

public function login()
{
    if ($this->request->is('post')) {
        if (!$this->Antiflood->check($this->request->getData('email'))) {
            $this->Flash->error(__('Login blocked, too many attempts'), [
                'key' => 'auth'
            ]);

            return;
        }

        $user = $this->Auth->identify();
        if ($user) {
            $this->Auth->setUser($user);
            if ($this->Auth->authenticationProvider()->needsPasswordRehash()) {
                $user = $this->Users->get($user['id']);
                $user->password = $this->request->getData('password');
                $this->Users->save($user);
            }

            return $this->redirect($this->Auth->redirectUrl());
        } else {
            $this->Antiflood->increment($this->request->getData('email'));
            $this->Flash->error(__('Username or password is incorrect'), [
                'key' => 'auth'
            ]);
        }
    }
}
```

Migrations for saving a log when maxAttempts is reached

```
bin/cake migrations migrate -p JorisVaesen/Antiflood

```

TODO
----

[](#todo)

- tests
- documentation

###  Health Score

20

—

LowBetter than 14% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity7

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity41

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/935b8cd6be3a6ff53cae55eead3916bcfabec5de937f75221bb37cecd7d92374?d=identicon)[jorisvaesen](/maintainers/jorisvaesen)

---

Top Contributors

[![jorisvaesen](https://avatars.githubusercontent.com/u/4093781?v=4)](https://github.com/jorisvaesen "jorisvaesen (1 commits)")

### Embed Badge

![Health badge](/badges/jorisvaesen-cakephp-antiflood/health.svg)

```
[![Health](https://phpackages.com/badges/jorisvaesen-cakephp-antiflood/health.svg)](https://phpackages.com/packages/jorisvaesen-cakephp-antiflood)
```

###  Alternatives

[defuse/php-encryption

Secure PHP Encryption Library

3.9k162.4M212](/packages/defuse-php-encryption)[roave/security-advisories

Prevents installation of composer packages with known security vulnerabilities: no API, simply require it

2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k16.7M112](/packages/mews-purifier)[robrichards/xmlseclibs

A PHP library for XML Security

41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php

Realistic password strength estimation PHP library based on Zxcvbn JS

86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker

A PHP dependency vulnerabilities scanner based on the Security Advisories Database.

33732.2M110](/packages/enlightn-security-checker)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)