PHPackages survos/blacklist-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. survos/blacklist-bundle ActiveSymfony-bundle survos/blacklist-bundle ======================= Bundle to track and block bots that are probing the site 07PHP Since Feb 15Pushed 1y agoCompare [ Source](https://github.com/survos/blacklist-bundle)[ Packagist](https://packagist.org/packages/survos/blacklist-bundle)[ RSS](/packages/survos-blacklist-bundle/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) BadBotBundle ============ [](#badbotbundle) If you visit a link likely to be a bot probing the site for weakness, you'll be banned! How it works ------------ [](#how-it-works) - At the beginning of every request, check if the IP is marked as banned and block it if is. - At the end of every request that returns a 404, if the path is a likely bad bot path, add the IP to the banned list. - The banned IP list can either be in the application cache (fast and will reset after a configurable time) or persisted in a key value list. The key/value bundle stores the following: - probe\_paths: e.g. phpinfo, wp-admin - banned\_ip: (optional) list of banned IPs (if we want to persist them) Idea: BadBotServer, to track banned IPs, probe paths, user-agents, etc. $kvManager->add('banned\_ips', $ip); OR ``` $ip = $cache->get('banned_ips_' . $ip), function (ItemCache) { // set the timeout } In BeforeRequestListener: Check the banned IP list (either via the cache) ```php if ($cache->has('banned_ips_' . $ip)) { // abort the request } ``` Highly inspired by lsbproject/blacklist-bundle Installation ============ [](#installation) ``` composer require survos/bad-bot-bundle ``` ### Update database schema [](#update-database-schema) ``` bin/console doctrine:schema:update --force bin/console bot:populate https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/raw/refs/heads/master/_generator_lists/bad-ip-addresses.list ``` Usage ===== [](#usage) @todo: @todo: refactor with annotations. Really this part could be a generic KeyValuesBundle, e.g. $kvManager->list('ip') ``` use LSBProject\BlacklistBundle\Validator\Constraints\IsNotBlacklisted; //... /** * 'baz' type isn't defined in bundle, so it will be handled with * default_type class. Default one has no validation and will compare * any value with other existed * * @IsNotBlacklisted(type="baz", caseSensetive=true) * @var string */ private $bar; /** * 'email' type will dissallow to put invalid emails in blacklist * * @IsNotBlacklisted(type="email", caseSensetive=true) * @var string */ private $email; ``` Types ----- [](#types) Bundle tries to validate exact blacklist type with validator types. You can implement your own type or use default one. To add your own validator just implement `TypeInterface` e.g. ``` use LSBProject\BlacklistBundle\Type\TypeInterface; use LSBProject\BlacklistBundle\Type\DefaultType; class EmailType extends DefaultType implements TypeInterface { /** * {@inheritDoc} */ public function satisfies(string $value): bool { return filter_var($value, FILTER_VALIDATE_EMAIL); } /** * {@inheritDoc} */ public function supports(string $type): bool { return $type === 'email'; } } ``` and tag it with `lsbproject.blacklist.type` ``` email_blacklist_type: class: 'LSBProject\BlacklistBundle\Type\EmailType' tags: - { name: 'lsbproject.blacklist.type' } ``` Default ------- [](#default) If there are no supported types found bundle will use default type. You can override it in config: ``` lsb_project_blacklist: default_type: LSBProject\BlacklistBundle\Type\DefaultType ``` Validate storage ---------------- [](#validate-storage) If you do not want to use database as a storage for blacklist you can implement your own `validate` method for a separate or default types. example of default `validate` ``` class DefaultType implements TypeInterface { //... /** * {@inheritDoc} */ public function validate( string $value, Constraint $constraint, ExecutionContextInterface &$context, BlacklistManagerInterface $manager ): void { if ($manager->isBlacklisted($value, $constraint->type, $constraint->caseSensetive)) { $context->buildViolation($constraint->message)->addViolation(); } } } ``` ### Health Score 15 — LowBetter than 3% of packages Maintenance33 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community8 Small or concentrated contributor base Maturity16 Early-stage or recently created project Bus Factor1 Top contributor holds 60% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/21b39551f92ed4143772c622f9e571589c5a72c96ab3c53fe67489ce0d83e806?d=identicon)[tacman1123](/maintainers/tacman1123) --- Top Contributors [![fedorenko22116](https://avatars.githubusercontent.com/u/22433371?v=4)](https://github.com/fedorenko22116 "fedorenko22116 (9 commits)")[![tacman](https://avatars.githubusercontent.com/u/619585?v=4)](https://github.com/tacman "tacman (6 commits)") ### Embed Badge ![Health badge](/badges/survos-blacklist-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/survos-blacklist-bundle/health.svg)](https://phpackages.com/packages/survos-blacklist-bundle) ``` PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)