oxid-esales/security-module
===========================

OXID eSales Security module

v2.1.0 · proprietary · PHP ^8.2

[Source](https://github.com/OXID-eSales/security-module) · [Packagist](https://packagist.org/packages/oxid-esales/security-module) · [Docs](https://www.oxid-esales.com)

OXID Security Module
====================

A collection of security features for OXID eShop

Compatibility
-------------

This module assumes you have OXID eShop Compilation version 7.4.0 installed.

### Branches

- 2.1.0.x versions (or b-7.4.x branch) are compatible with OXID eShop compilation 7.4.x.
- 2.0.0.x versions (or b-7.3.x branch) are compatible with OXID eShop compilation 7.3.x.
- 1.0.0.x versions (or b-7.2.x branch) are compatible with OXID eShop compilation 7.2.x.

Development installation
========================

To run the tests and the other preconfigured quality tools, install the module as a [root package](https://getcomposer.org/doc/04-schema.md#root-package).

The next section shows how to install the module as a root package by using the OXID eShop SDK.

If you use a different environment, adjust the steps to your own needs.

Development installation on OXID eShop SDK
==========================================

The installation instructions below are shown for the current [SDK](https://github.com/OXID-eSales/docker-eshop-sdk) for shop 7.4. Make sure your system meets the requirements of the SDK.

1. Ensure all docker containers are down to avoid port conflicts
2. Clone the SDK for the new project

```
echo MyProject && git clone https://github.com/OXID-eSales/docker-eshop-sdk.git $_ && cd $_
```

3. Clone the repository to the source directory

```
git clone --recurse-submodules https://github.com/OXID-eSales/security-module.git --branch=b-7.4.x ./source
```

4. Run the recipe to set up the development environment

```
./source/recipes/setup-development.sh
```

You should be able to access the shop with  and the admin panel with (credentials:  / admin)

Password strength and Captcha protection
----------------------------------------

This module provides password strength estimation for any string input. It can validate password length and character variety based on configurable settings. It also includes a visual password strength indicator with a progress bar for real-time feedback via an Ajax widget.

Additionally, the module features Image Captcha protection to prevent automated bot submissions. Users must enter the text displayed in the captcha image, with an audio captcha option available for accessibility. A honeypot captcha is also implemented as a hidden field to detect and block bots without affecting the user experience.

### Configuration

The module configuration lets you enable or disable each of the features: password strength estimation, Image Captcha protection, and Honeypot Captcha protection.

Configurable options for password strength estimation are:

- Enable/Disable password strength estimation
- Minimum password length
- Uppercase character requirement
- Lowercase character requirement
- Digit requirement
- Special character requirement

Configurable options for Captcha protection are:

- Enable/Disable Image Captcha protection
- Enable/Disable Honeypot Captcha protection
- Image Captcha lifetime
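
The following sketch shows how the options listed above translate into server-side checks. It is an added example, not code from the module: the setting names, the `website` honeypot field name, the 900-second lifetime, and the exact-match captcha comparison are all assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical settings mirroring the options listed above; the key names
// are assumptions, not the module's real setting identifiers.
const POLICY = ['minLength' => 8, 'upper' => true, 'lower' => true, 'digit' => true, 'special' => true];
const CAPTCHA_LIFETIME_SECONDS = 900; // assumed value

/** Returns the names of the policy rules the password fails (empty = accepted). */
function passwordViolations(string $password, array $policy = POLICY): array
{
    $rules = [
        'upper'   => '/\p{Lu}/u',
        'lower'   => '/\p{Ll}/u',
        'digit'   => '/\d/',
        'special' => '/[^\p{L}\p{N}\s]/u',
    ];
    $failed = mb_strlen($password) < $policy['minLength'] ? ['minLength'] : [];
    foreach ($rules as $name => $pattern) {
        // preg_match() returns false on invalid UTF-8, which counts as a failure.
        if (!empty($policy[$name]) && preg_match($pattern, $password) !== 1) {
            $failed[] = $name;
        }
    }
    return $failed;
}

/** Captcha decision: honeypot first, then challenge lifetime, then the answer. */
function captchaAccepts(array $form, string $expected, int $issuedAt, int $now): bool
{
    if (($form['website'] ?? '') !== '') { // hidden honeypot field was filled in
        return false;
    }
    if ($now < $issuedAt || $now - $issuedAt > CAPTCHA_LIFETIME_SECONDS) {
        return false; // challenge expired or timestamp is inconsistent
    }
    $answer = $form['captcha'] ?? '';
    // Constant-time comparison of the expected and the submitted captcha text.
    return is_string($answer) && hash_equals($expected, $answer);
}

// Constructed sample input.
var_dump(passwordViolations('summer2024'));
var_dump(captchaAccepts(['website' => '', 'captcha' => 'k7xq'], 'k7xq', 1000, 1300));
var_dump(captchaAccepts(['website' => 'http://x', 'captcha' => 'k7xq'], 'k7xq', 1000, 1300));
```

Checking the honeypot before the image captcha rejects automated submissions without spending a challenge, and enforcing the lifetime on the server prevents a solved challenge from being replayed later.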

### Running the tests and quality tools

Check the "scripts" section in the `composer.json` file for the available commands. Those commands can be executed by connecting to the php container and running the command from there, for example:

```
make php
composer tests-coverage
```

Commands can also be triggered directly on the container with docker compose, for example:

```
docker compose exec -T php composer tests-coverage
```

Testing
-------

### Linting, syntax check, static analysis

Check the "scripts" section in the `composer.json` file for the available commands. Those commands can be executed by connecting to the php container and running the command from there, for example:

```
make php
composer update
composer static
```

### Unit/Integration/Acceptance tests

- Run all the tests

```
composer tests-all
```

- Or the desired suite

```
composer tests-unit
composer tests-integration
composer tests-codeception
```

