PHPackages pepeiborra/traffic-reader - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. pepeiborra/traffic-reader ActiveLibrary[Security](/categories/security) pepeiborra/traffic-reader ========================= Lightweight SIEM middleware for Laravel: visit tracking, threat detection, and security alerting. 1.1(1mo ago)038↓100%MITPHPPHP ^8.1 Since Apr 23Pushed 1mo agoCompare [ Source](https://github.com/JHOSEPDIES/traffic-reader)[ Packagist](https://packagist.org/packages/pepeiborra/traffic-reader)[ RSS](/packages/pepeiborra-traffic-reader/feed)WikiDiscussions main Synced 1w ago READMEChangelog (2)Dependencies (7)Versions (3)Used By (0) traffic-reader ============== [](#traffic-reader) Lightweight SIEM (Security Information and Event Management) middleware for Laravel 10/11/12+. Tracks visits, detects threats in real time, logs them to disk, and sends optional email/Slack alerts — all in one Composer package. Features -------- [](#features) - 🔍 **Visit tracking** — IP, device, OS, browser, referrer, URL, status code - 🛡️ **Threat detection** — RCE, SQLi, XSS, path traversal, scanner UA, brute force, rate abuse - 📊 **Livewire dashboard** — statistics, hourly charts, threat log (requires Livewire 3) - 📧 **Alert notifications** — email + optional Slack for critical threats - ⚙️ **Fully configurable** — thresholds, storage, excluded paths, layout --- Requirements ------------ [](#requirements) DependencyVersionPHP^8.1Laravel10 / 11 / 12Livewire *(optional)*^3.0laravel/slack-notification-channel *(optional)*^3.0--- Installation ------------ [](#installation) ``` composer require pepeiborra/traffic-reader ``` The package auto-discovers the service provider via `extra.laravel` in `composer.json`. ### Publish assets [](#publish-assets) ``` # Configuración php artisan vendor:publish --tag=traffic-reader-config # Vistas (para personalizar) php artisan vendor:publish --tag=traffic-reader-views # Traducciones (opcional) php artisan vendor:publish --tag=traffic-reader-lang ``` --- Quick start ----------- [](#quick-start) ### 1. Agregar el middleware [](#1-agregar-el-middleware) **Laravel 10** — en `app/Http/Kernel.php`: ``` use Pepeiborra\TrafficReader\Middleware\TrackVisitMiddleware; protected $middlewareGroups = [ 'web' => [ // ... otros middleware TrackVisitMiddleware::class, ], ]; ``` **Laravel 11/12** — en `bootstrap/app.php`: ``` use Pepeiborra\TrafficReader\Middleware\TrackVisitMiddleware; ->withMiddleware(function (Middleware $middleware) { $middleware->appendToGroup('web', TrackVisitMiddleware::class); // Agregar a otros grupos según necesites }) ``` ### 2. Variables de entorno [](#2-variables-de-entorno) ``` # Emails separados por coma para alertas críticas TRAFFIC_READER_ALERT_EMAILS=admin@example.com,seguridad@example.com # Webhook de Slack (opcional) TRAFFIC_READER_SLACK_WEBHOOK=https://hooks.slack.com/services/XXX/YYY/ZZZ # Umbrales (opcional, estos son los defaults) TRAFFIC_READER_RATE_THRESHOLD=60 TRAFFIC_READER_404_THRESHOLD=20 TRAFFIC_READER_PROBE_THRESHOLD=3 TRAFFIC_READER_BF_THRESHOLD=10 ``` ### 3. Dashboard Livewire [](#3-dashboard-livewire) Registra la ruta manualmente (recomendado, con tu propia autorización): ``` use Pepeiborra\TrafficReader\Livewire\AuditDashboard; Route::get('/admin/visitas', AuditDashboard::class) ->name('audit.visits') ->middleware(['auth', 'can:developer']); ``` O deja que el paquete registre la ruta automáticamente: ``` TRAFFIC_READER_ROUTES_ENABLED=true TRAFFIC_READER_ROUTES_PREFIX=traffic-reader # URL: /traffic-reader/visitas ``` Y configura los middlewares en `config/traffic-reader.php`: ``` 'routes' => [ 'enabled' => true, 'prefix' => 'traffic-reader', 'middleware' => ['web', 'auth', 'can:developer'], ], ``` --- Configuración completa ---------------------- [](#configuración-completa) ``` // config/traffic-reader.php (tras publicar) return [ 'alert_emails' => env('TRAFFIC_READER_ALERT_EMAILS', ''), 'slack_webhook' => env('TRAFFIC_READER_SLACK_WEBHOOK', ''), 'storage' => [ 'disk' => 'local', // cualquier disk de filesystems.php 'folder' => 'visits', // dentro del disk ], 'log_retention_days' => 30, 'thresholds' => [ 'rate_per_minute' => 60, 'not_found_per_hour' => 20, 'probe_per_hour' => 3, 'brute_force_per_hour' => 10, ], // Rutas a ignorar (prefijos sin slash inicial) 'exclude_paths' => [ 'api/health', 'admin/ping', ], 'routes' => [ 'enabled' => false, 'prefix' => 'traffic-reader', 'middleware' => ['web', 'auth'], ], 'dashboard' => [ 'title' => 'Dashboard de Visitas', 'layout' => 'components.layouts.app', // tu layout Blade ], ]; ``` --- Personalizar vistas ------------------- [](#personalizar-vistas) Tras publicar las vistas con `--tag=traffic-reader-views`, edita: ``` resources/views/vendor/traffic-reader/livewire/audit-dashboard.blade.php ``` El componente detecta automáticamente si existe la vista publicada y la usa en lugar de la del paquete. --- Usar el lector de logs directamente ----------------------------------- [](#usar-el-lector-de-logs-directamente) ``` use Pepeiborra\TrafficReader\Services\VisitsLogReader; $reader = app(VisitsLogReader::class); $dates = $reader->availableDates(); $records = $reader->records('2025-04-23'); $stats = $reader->stats($records); $threats = $reader->threats('2025-04-23'); ``` --- Estructura del paquete ---------------------- [](#estructura-del-paquete) ``` traffic-reader/ ├── config/ │ └── traffic-reader.php ├── resources/ │ └── views/livewire/ │ └── audit-dashboard.blade.php ├── routes/ │ └── web.php ├── src/ │ ├── TrafficReaderServiceProvider.php │ ├── Events/ │ │ └── SecurityThreatDetected.php │ ├── Listeners/ │ │ └── SecurityThreatListener.php │ ├── Livewire/ │ │ └── AuditDashboard.php │ ├── Middleware/ │ │ └── TrackVisitMiddleware.php │ ├── Notifications/ │ │ └── SecurityAlertNotification.php │ └── Services/ │ └── VisitsLogReader.php └── composer.json ``` --- Tipos de amenaza detectados --------------------------- [](#tipos-de-amenaza-detectados) TipoDescripción`RCE_ATTEMPT`Patrones de Remote Code Execution en la URL`SQLI_ATTEMPT`Patrones de SQL Injection`XSS_ATTEMPT`Patrones de Cross-Site Scripting`PATH_TRAVERSAL`Traversal de directorios (`../`, `%2e%2e`)`SCANNER_UA`User-Agent de herramienta de escaneo (sqlmap, nikto…)`UNUSUAL_METHOD`Métodos HTTP inusuales (TRACE, CONNECT…)`SUSPICIOUS_UA`User-Agent vacío o muy corto`HIGH_RATE`Más de N requests/minuto desde la misma IP`ROUTE_SCAN`Más de N 404s/hora desde la misma IP`SENSITIVE_PROBE`Acceso repetido a rutas sensibles (.env, wp-admin…)`BRUTE_FORCE`Más de N 401/403 por hora desde la misma IP--- License ------- [](#license) MIT ### Health Score 40 — FairBetter than 86% of packages Maintenance93 Actively maintained with recent releases Popularity10 Limited adoption so far Community6 Small or concentrated contributor base Maturity43 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~14 days Total 2 Last Release 33d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/c2d62a11d291099b149f387f74e6e85cc48dbdf1a5fb7bf1530cf53e9c21d8a4?d=identicon)[jhosepdies](/maintainers/jhosepdies) --- Top Contributors [![JHOSEPDIES](https://avatars.githubusercontent.com/u/34869162?v=4)](https://github.com/JHOSEPDIES "JHOSEPDIES (3 commits)") --- Tags middlewarelaravelsecurityAuditthreat-detectiontraffic-reader ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/pepeiborra-traffic-reader/health.svg) ``` [![Health](https://phpackages.com/badges/pepeiborra-traffic-reader/health.svg)](https://phpackages.com/packages/pepeiborra-traffic-reader) ``` ### Alternatives [psalm/plugin-laravel Psalm plugin for Laravel 3325.1M337](/packages/psalm-plugin-laravel)[spatie/laravel-responsecache Speed up a Laravel application by caching the entire response 2.8k8.7M64](/packages/spatie-laravel-responsecache)[laravel/pulse Laravel Pulse is a real-time application performance monitoring tool and dashboard for your Laravel application. 1.7k14.1M120](/packages/laravel-pulse)[roots/acorn Framework for Roots WordPress projects built with Laravel components. 9732.3M121](/packages/roots-acorn)[dgtlss/warden A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email 8956.1k](/packages/dgtlss-warden) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)