PHPackages                             michaelesmith/front-controller-security-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. michaelesmith/front-controller-security-bundle

ActiveSymfony-bundle[Security](/categories/security)

michaelesmith/front-controller-security-bundle
==============================================

Allows for easy ip based security for front controllers in Symfony2

0117[2 PRs](https://github.com/michaelesmith/FrontControllerSecurityBundle/pulls)PHP

Since Dec 11Pushed 12y ago1 watchersCompare

[ Source](https://github.com/michaelesmith/FrontControllerSecurityBundle)[ Packagist](https://packagist.org/packages/michaelesmith/front-controller-security-bundle)[ RSS](/packages/michaelesmith-front-controller-security-bundle/feed)WikiDiscussions master Synced 2d ago

READMEChangelogDependenciesVersions (1)Used By (0)

[![Build Status](https://camo.githubusercontent.com/df00dda0f0be656f816bed5eb5f1121299e1551a01042ca9368fd0cf44a0a711/68747470733a2f2f7472617669732d63692e6f72672f6d69636861656c65736d6974682f46726f6e74436f6e74726f6c6c6572536563757269747942756e646c652e706e673f6272616e63683d6d6173746572)](https://travis-ci.org/michaelesmith/FrontControllerSecurityBundle)FrontControllerSecurityBundle
=============================================================================================================================================================================================================================================================================================================================================================================================

[](#frontcontrollersecuritybundle)

What is FrontControllerSecurityBundle?
--------------------------------------

[](#what-is-frontcontrollersecuritybundle)

It provides a simple way to secure probably a development front controller on a production machine to a specific set of ip addresses.

Installation
------------

[](#installation)

### Use Composer (*recommended*)

[](#use-composer-recommended)

The recommended way to install the FrontControllerSecurityBundle is through composer.

If you don't have Composer yet, download it following the instructions on  or just run the following command:

```
curl -s http://getcomposer.org/installer | php

```

Just create a `composer.json` file for your project:

```
{
    "require": {
        "michaelesmith/front-controller-security-bundle": "dev-master"
    }
}
```

For more info on composer see

If you want to be able to use the provided cli tasks to view, add and remove ips you need to enable the bundle in your AppKernel.php

```
        if ('dev' == $this->getEnvironment()) {
            $bundles[] = new MS\Bundle\FrontControllerSecurityBundle\MSFrontControllerSecurityBundle();
        }
```

Usage
-----

[](#usage)

### Configure directly in your front controller

[](#configure-directly-in-your-front-controller)

```
    //web/app_dev.php

    $loader = require_once __DIR__.'/../app/bootstrap.php.cache';

    $security = new \MS\Bundle\FrontControllerSecurityBundle\Security\IPChecker();
    $security->addIP('127.0.0.1', null, 'loopback');
    $security->addIPRange('10.0.0.1', '10.0.0.255', null, 'remote office');

    if(isset($_SERVER['HTTP_CLIENT_IP']) || isset($_SERVER['HTTP_X_FORWARDED_FOR']) || !$security->isAuthorized(@$_SERVER['REMOTE_ADDR'])){
        header('HTTP/1.0 403 Forbidden');
        exit(sprintf('You are not allowed to access this file. Maybe you are looking for %1$s. Check %2$s for more information.', 'http://' . $_SERVER['HTTP_HOST'], basename(__FILE__)));
    }

    require_once __DIR__.'/../app/AppKernel.php';

    $kernel = new AppKernel('dev', true);
    $kernel->loadClassCache();
    $request = Request::createFromGlobals();
    $response = $kernel->handle($request);
    $response->send();
    $kernel->terminate($request, $response);
```

### Configure using a file

[](#configure-using-a-file)

```
    //web/app_dev.php

    $loader = require_once __DIR__.'/../app/bootstrap.php.cache';

    $security = new \MS\Bundle\FrontControllerSecurityBundle\Security\IPChecker();
    $security->addIP('127.0.0.1', null, 'loopback');
    $security->addFile(__DIR__ . '/.app_dev.security.json');

    if(isset($_SERVER['HTTP_CLIENT_IP']) || isset($_SERVER['HTTP_X_FORWARDED_FOR']) || !$security->isAuthorized(@$_SERVER['REMOTE_ADDR'])){
        header('HTTP/1.0 403 Forbidden');
        exit(sprintf('You are not allowed to access this file. Maybe you are looking for %1$s. Check %2$s for more information.', 'http://' . $_SERVER['HTTP_HOST'], basename(__FILE__)));
    }

    ...
```

You can add this file to your version control if you want everyone to share the same or ignore it and configure what you want on the server. This bundle includes some command tasks to help in this respect:

- front-controller:security:ip:list
- front-controller:security:ip:add
- front-controller:security:ip:remove

### Configure using APC caching

[](#configure-using-apc-caching)

```
    //web/app_dev.php

    $loader = require_once __DIR__.'/../app/bootstrap.php.cache';

    if(!function_exists('apc_fetch') || !($security = apc_fetch('ms.app_dev.security'))){
        $security = new \MS\Bundle\FrontControllerSecurityBundle\Security\IPChecker();
        $security->addIP('127.0.0.1', null, 'loopback');
        $security->addFile(__DIR__ . '/.app_dev.security.json');

        if(function_exists('apc_store')){
            apc_store('ms.app_dev.security', $security);
        }
    }

    if(isset($_SERVER['HTTP_CLIENT_IP']) || isset($_SERVER['HTTP_X_FORWARDED_FOR']) || !$security->isAuthorized(@$_SERVER['REMOTE_ADDR'])){
        header('HTTP/1.0 403 Forbidden');
        exit(sprintf('You are not allowed to access this file. Maybe you are looking for %1$s. Check %2$s for more information.', 'http://' . $_SERVER['HTTP_HOST'], basename(__FILE__)));
    }

    ...
```

###  Health Score

21

—

LowBetter than 18% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity10

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity41

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/181546?v=4)[Michael Smith](/maintainers/michaelesmith)[@michaelesmith](https://github.com/michaelesmith)

---

Top Contributors

[![michaelesmith](https://avatars.githubusercontent.com/u/181546?v=4)](https://github.com/michaelesmith "michaelesmith (15 commits)")

### Embed Badge

![Health badge](/badges/michaelesmith-front-controller-security-bundle/health.svg)

```
[![Health](https://phpackages.com/badges/michaelesmith-front-controller-security-bundle/health.svg)](https://phpackages.com/packages/michaelesmith-front-controller-security-bundle)
```

###  Alternatives

[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k18.7M141](/packages/mews-purifier)[paragonie/ecc

PHP Elliptic Curve Cryptography library

24820.0k36](/packages/paragonie-ecc)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
