PHPackages moh8med/bffs - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. moh8med/bffs ActiveProject[API Development](/categories/api) moh8med/bffs ============ BFFS is a simple project built with Laravel that implements the backend for frontend pattern to help you build a security shield in front of your APIs and Microservices. v1.0.4(3y ago)3210[1 issues](https://github.com/moh8med/bffs/issues)[1 PRs](https://github.com/moh8med/bffs/pulls)MITPHPPHP ^8.0.2 Since Jan 27Pushed 1y ago3 watchersCompare [ Source](https://github.com/moh8med/bffs)[ Packagist](https://packagist.org/packages/moh8med/bffs)[ RSS](/packages/moh8med-bffs/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (5)Dependencies (20)Versions (7)Used By (0) 🔰 BFFS - Backend for Frontend Shield ==================================== [](#-bffs---backend-for-frontend-shield) BFFS is a simple project built with Laravel that implements the backend for frontend pattern to help you build a security shield in front of your APIs and Microservices. Here are some key points about BFFS: - Implements the backend for frontend pattern to separate the concerns of the frontend and backend and improve security. - Includes advanced request validation features, such as E.164 international phone number standard, password NIST standards, email RFC and DNS validation, email spoofing detection, and scanning uploaded files with Cisco ClamAV. - Uses Redis for rate limiting requests to improve security and reduce the risk of DDoS attacks. - Utilizes Swoole to speed up response time and improve overall performance. - Built using Laravel, a popular PHP web application framework, making it easy to integrate with existing systems. Features -------- [](#features) ### Monitoring [](#monitoring) - Uptime Monitor - SSL Certificate Expiry - Email notification - Slack notification ### Performance Tuning [](#performance-tuning) - Running on Octane (Swoole or Roadrunner) - API Aggregation - Response Caching with Redis ### Security Hardening [](#security-hardening) - Trusted Hosts - Add Cloudflare IPs to Trusted Proxies - CORS Handling - Rate Limiting with Redis - Restricting Access by GeoIP2 (MaxMind DB) ### Web Application Firewall (WAF) [](#web-application-firewall-waf) - Bot: Bad Bot Detection - RFI: Remote File Inclusion - XSS: Cross Site Scripting - SQLi: SQL Injection ### Antivirus and Malware [](#antivirus-and-malware) - Scanning uploaded files with Cisco ClamAV ### Advanced Request Validation [](#advanced-request-validation) - Email RFC compliance - Email domain DNS - Email disposable/throwaway domains - Email spoofing detection - Email deliverability check - Password NIST standards - HaveIBeenPwned password check - Phone country prefix checking and E.164 standard - Phone number type: mobile, landline, etc - Phone number verification Getting Started --------------- [](#getting-started) To get started with BFFS, you will need to have a basic understanding of Laravel and its dependencies. ### Installation [](#installation) 1. Install the package via composer: ``` composer create-project moh8med/bffs ``` 2. Run the migrations: ``` php artisan migrate ``` 3. Configure your environment variables in the .env file. 4. Update the databases: ``` # update the disposable domains list php artisan disposable:update # retrieves and cache Cloudflare's IP blocks php artisan cloudflare:reload # register for a license key at www.maxmind.com # set your MAXMIND_LICENSE_KEY in .env file # and update the geoip database php artisan geoip:update ``` 5. Create your first uptime monitor: ``` # create your first monitor php artisan monitor:create https://example.com/ # check the uptime of all sites php artisan monitor:check-uptime ``` 6. You will need Cisco ClamAV installed to scan uploaded files against malwares: ``` docker run \ --interactive \ --publish 13310:3310 \ --publish 7357 \ --tty \ --rm \ --name "clam_container_01" \ clamav/clamav:unstable ``` Then set `CLAMAV_SKIP_VALIDATION=false` in the `.env` file. ### Usage [](#usage) Once the server is running, you can start making requests to the endpoints that are protected by the BFFS shield. 1. Start the server: ``` php artisan octane:start --port=8001 --watch ``` 2. Test your BFFS server: ``` curl http://127.0.0.1:8001/todos | jq ``` Contributions ------------- [](#contributions) If you would like to contribute to the project, please feel free to open a pull request with your changes. License ------- [](#license) This project is licensed under the MIT License. ### Health Score 29 — LowBetter than 60% of packages Maintenance27 Infrequent updates — may be unmaintained Popularity14 Limited adoption so far Community10 Small or concentrated contributor base Maturity55 Maturing project, gaining track record Bus Factor1 Top contributor holds 89.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~2 days Total 5 Last Release 1191d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/d89e72d5c875d21deafb1320f53c4d64b2842a4488a27ab0a31f892a55f3d85a?d=identicon)[moh8med](/maintainers/moh8med) --- Top Contributors [![moh8med](https://avatars.githubusercontent.com/u/479622?v=4)](https://github.com/moh8med "moh8med (25 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (3 commits)") --- Tags apilaravelgeoipsecuritycloudflareclamavwafbffs ### Code Quality TestsPHPUnit Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/moh8med-bffs/health.svg) ``` [![Health](https://phpackages.com/badges/moh8med-bffs/health.svg)](https://phpackages.com/packages/moh8med-bffs) ``` ### Alternatives [bagisto/bagisto Bagisto Laravel E-Commerce 26.2k161.6k7](/packages/bagisto-bagisto)[openai-php/laravel OpenAI PHP for Laravel is a supercharged PHP API client that allows you to interact with the Open AI API 3.7k7.6M74](/packages/openai-php-laravel)[unopim/unopim UnoPim Laravel PIM 9.4k1.8k](/packages/unopim-unopim)[aimeos/aimeos-headless Aimeos headless ecommerce system 2.5k2.3k](/packages/aimeos-aimeos-headless)[nickurt/laravel-postcodeapi Universal PostcodeApi for Laravel 11.x/12.x/13.x 97221.2k](/packages/nickurt-laravel-postcodeapi)[mozex/anthropic-laravel Anthropic PHP for Laravel is a supercharged PHP API client that allows you to interact with the Anthropic API 71226.4k1](/packages/mozex-anthropic-laravel) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)