PHPackages                             nswdpc/silverstripe-security-recipe - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. nswdpc/silverstripe-security-recipe

ActiveSilverstripe-recipe[Security](/categories/security)

nswdpc/silverstripe-security-recipe
===================================

Recipe for adding MFA, Password check, Breached account check, Security report to a Silverstripe application

v1.0.0(1y ago)33.0kBSD-3-Clause

Since Oct 21Pushed 1y ago1 watchersCompare

[ Source](https://github.com/nswdpc/silverstripe-security-recipe)[ Packagist](https://packagist.org/packages/nswdpc/silverstripe-security-recipe)[ RSS](/packages/nswdpc-silverstripe-security-recipe/feed)WikiDiscussions master Synced today

READMEChangelog (6)Dependencies (7)Versions (10)Used By (0)

Silverstripe security recipe
============================

[](#silverstripe-security-recipe)

A recipe for adding various security-focused modules to a Silverstripe website.

In this recipe
--------------

[](#in-this-recipe)

### Authentication boilerplate

[](#authentication-boilerplate)

- The [nswdpc/silverstripe-authentication-boilerplate](https://github.com/nswdpc/silverstripe-authentication-boilerplate), providing:
    - Multi-factor Authentication (MFA) for the administration area via the [Silverstripe TOTP Authenticator](https://github.com/silverstripe/silverstripe-totp-authenticator)
    - [Pwned Password checks](nswdpc/silverstripe-pwnage-hinter) via the pwnedpasswords API provided by [Have I Been Pwned](https://haveibeenpwned.com)
    - [Breached account checks](nswdpc/silverstripe-pwnage-hinter) via the haveibeenpwned API provided by [Have I Been Pwned](https://haveibeenpwned.com)
    - The [Silverstripe security extensions module](https://github.com/silverstripe/silverstripe-security-extensions)
    - The [Silverstripe security report module](https://github.com/silverstripe/silverstripe-securityreport)

### Content Security Policy

[](#content-security-policy)

- The [NSWDPC CSP](https://github.com/nswdpc/silverstripe-csp) module

### Captcha

[](#captcha)

- The [NSWDPC reCAPTCHA v3](https://github.com/nswdpc/silverstripe-recaptcha-v3) base module

### Useful extras

[](#useful-extras)

- [silverstripe/login-forms](https://github.com/silverstripe/silverstripe-login-forms)
- [silverstripe/mimevalidator](https://github.com/silverstripe/silverstripe-mimevalidator)

### Sessions

[](#sessions)

- [DynamoDB sessions](https://github.com/silverstripe/silverstripe-dynamodb)

Configuration
-------------

[](#configuration)

There is no configuration provided in this recipe. Its aim is to bring together a set of Silverstripe security modules to be used together in a standardised way. Default configuration settings can be found in the recipe's modules and can be overridden on a per-project basis.

The authentication boilerplate module provides a standard set of rules for defining access to websites. You can modify these rules using the Silverstripe configuration API.

Installation
------------

[](#installation)

The only supported way of installing this recipe is via [composer](https://getcomposer.org)

```
composer require-recipe nswdpc/silverstripe-security-recipe

```

### About recipes

[](#about-recipes)

See the [recipe plugin page](https://github.com/silverstripe/recipe-plugin) for information on how recipes work.

LICENSE
-------

[](#license)

[BSD-3-Clause](./LICENSE.md)

Maintainers
-----------

[](#maintainers)

- [dpcdigital@NSWDPC:~$](https://dpc.nsw.gov.au)

Bugtracker
----------

[](#bugtracker)

We welcome bug reports, pull requests and feature requests on the Github Issue tracker for this project.

Please review the [code of conduct](./code-of-conduct.md) prior to opening a new issue.

Security
--------

[](#security)

If you have found a security issue with this module, please email digital\[@\]dpc.nsw.gov.au in the first instance, detailing your findings.

Development and contribution
----------------------------

[](#development-and-contribution)

If you would like to make contributions to the module please ensure you raise a pull request and discuss with the module maintainers.

Please review the [code of conduct](./code-of-conduct.md) prior to completing a pull request.

###  Health Score

35

—

LowBetter than 77% of packages

Maintenance38

Infrequent updates — may be unmaintained

Popularity24

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity56

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~235 days

Recently: every ~289 days

Total

6

Last Release

540d ago

Major Versions

v0.3.2 → v1.0.02025-01-10

### Community

Maintainers

![](https://www.gravatar.com/avatar/1caefd99092b4a43254e48c40347224f671032ec1ffc3a457e06a7e9ab6e7c02?d=identicon)[nswdpc](/maintainers/nswdpc)

---

Top Contributors

[![JamesDPC](https://avatars.githubusercontent.com/u/69664712?v=4)](https://github.com/JamesDPC "JamesDPC (25 commits)")

---

Tags

totpsecuritypasswordsilverstripe2faMFAhaveibeenpwnedhibppwnedpasswords

### Embed Badge

![Health badge](/badges/nswdpc-silverstripe-security-recipe/health.svg)

```
[![Health](https://phpackages.com/badges/nswdpc-silverstripe-security-recipe/health.svg)](https://phpackages.com/packages/nswdpc-silverstripe-security-recipe)
```

###  Alternatives

[firehed/security

Security tools for PHP

2377.4k2](/packages/firehed-security)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
