
senza1dio/security-shield
=========================

Security Middleware for PHP - Honeypot, Scanner Detection, Rate Limiting, Resilience Patterns


Since Jan 25 | Pushed 5mo ago

[Source](https://github.com/senza1dio/enterprise-security-shield) | [Packagist](https://packagist.org/packages/senza1dio/security-shield)


Security Shield
===============


**Security Middleware for PHP 8.1+**

Honeypot, scanner detection, and resilience patterns for PHP applications.

---

What This Package Does
----------------------


- **Honeypot System** - 69 trap endpoints to catch scanners (/.env, /wp-admin, etc.)
- **Scanner Detection** - Identifies sqlmap, nikto, masscan by signatures
- **Rate Limiting** - 4 algorithms: sliding window, token bucket, leaky bucket, fixed window
- **IP Scoring** - Accumulates threat scores based on behavior
- **Bot Verification** - DNS-based verification for Googlebot, Bingbot
- **Geo-Blocking** - Country-level restrictions via external GeoIP provider

What This Package Does NOT Do
-----------------------------


- **Not a WAF** - No SQL injection, XSS, or OWASP Top 10 detection
- **Not DDoS Protection** - Cannot handle volumetric attacks (use Cloudflare/AWS Shield)
- **Not ML-Based** - No machine learning, just signature and statistical detection
- **Not Penetration Tested** - Has not undergone professional security audit

**Use alongside a real WAF (ModSecurity, Cloudflare) for production.**

---

Architecture
------------


### Resilience Patterns


| Pattern | Description | Storage Required |
|---|---|---|
| Circuit Breaker | Fail fast when dependency is down | Redis (distributed) or none (local) |
| Retry Policy | Exponential backoff with jitter | None |
| Fallback Chain | Try providers in order until success | None |
| Bulkhead | Limit concurrent executions | Redis |

### Observability

| Component | Format | Notes |
|---|---|---|
| Tracing | OpenTelemetry-compatible | W3C traceparent context propagation |
| Metrics | Prometheus text format | Counters, gauges, histograms |
| Health | JSON + HTTP status | Liveness/readiness for Kubernetes |

### Anomaly Detection

| Detector | What It Detects |
|---|---|
| Statistical | Values outside Z-score threshold |
| Rate | Request rate spikes/drops |
| Pattern | Unusual paths, methods, user agents |
| Time-Based | Activity during unusual hours |

---

Installation
------------


```
composer require senza1dio/security-shield
```

Quick Start
-----------


### Option 1: No Dependencies (Development/Testing)


```
