
syftnex/laravel-security
========================

Comprehensive Laravel security package protecting against SQL injection, XSS, and common web attacks.

Version 1.0.0 (3mo ago) · MIT · PHP ^8.2

Since Feb 13 · Pushed 3mo ago

[Source](https://github.com/syftnex/laravel-security) · [Packagist](https://packagist.org/packages/syftnex/laravel-security)

Laravel Security
================


**A comprehensive, drop-in security package for Laravel applications.** Protect your app against SQL injection, XSS, and common web attacks with configurable middleware, validation rules, and security headers — all with zero boilerplate.

---

✨ Features
----------


- 🧹 **Input Sanitization** — Strip null bytes, tags, and dangerous characters from all request data.
- 🛡️ **SQL Injection Guard** — Detect and block SQLi patterns before they hit your database.
- 🔒 **XSS Protection** — Neutralize cross-site scripting payloads automatically.
- 📋 **Security Headers** — Apply `HSTS`, `X-Frame-Options`, `CSP`, and more to every response.
- 🌐 **IP Whitelisting** — Restrict routes to trusted IP addresses (supports CIDR notation).
- ✅ **Validation Rules** — `NoSqlInjection` and `NoXss` rules for use in form requests.
- 🎯 **Facade** — Quick helpers via `Security::sanitize()` and `Security::addHeaders()`.

---

📦 Requirements
--------------

| Dependency | Version |
|------------|---------|
| PHP | ^8.2 |
| Laravel | ^11.0 \| ^12.0 |

---

🚀 Installation
--------------


```
composer require syftnex/laravel-security
```

The package auto-discovers its service provider and facade — no manual registration required.

**Publish the config (optional):**

```
php artisan vendor:publish --tag=security-config
```

---

⚡ Quick Start
-------------


### Apply middleware to routes


```
Route::middleware([
    'security.sanitize',
    'security.sqli',
    'security.xss',
    'security.headers',
])->group(function () {
    Route::post('/contact', [ContactController::class, 'store']);
});
```

### Use validation rules


```
use Syftnex\Security\Rules\NoSqlInjection;
use Syftnex\Security\Rules\NoXss;

$request->validate([
    'name'   => ['required', 'string', new NoXss],
    'search' => ['required', 'string', new NoSqlInjection],
]);
```

### Use the facade


```
use Syftnex\Security\Facades\Security;

$clean = Security::sanitize($userInput);
```

---

⚙️ Configuration
----------------


All features are toggled via environment variables with sensible defaults:

```
SECURITY_ENABLED=true
SECURITY_SANITIZE_ENABLED=true
SECURITY_SQLI_ENABLED=true
SECURITY_XSS_ENABLED=true
SECURITY_HEADERS_ENABLED=true
SECURITY_IP_WHITELIST_ENABLED=false
SECURITY_ALLOWED_IPS=127.0.0.1,10.0.0.0/8
SECURITY_LOG_CHANNEL=stack
```

See [DOCUMENTATION.md](DOCUMENTATION.md) for full configuration reference and all available options.
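
How an allowlist value like the `SECURITY_ALLOWED_IPS` sample above can be evaluated, covering both exact addresses and CIDR ranges. This is an added example, not the package's own implementation; the function names `parseAllowedIps`, `ipMatchesEntry` and `isAllowed` are hypothetical, and the test addresses are constructed.

```php
<?php
// Added example, not the package's code; all function names are hypothetical.

/** Split a SECURITY_ALLOWED_IPS-style value into trimmed, non-empty entries. */
function parseAllowedIps(string $value): array
{
    return array_values(array_filter(array_map('trim', explode(',', $value)), 'strlen'));
}

/** True if $ip equals $entry, or lies inside it when $entry is a CIDR range. */
function ipMatchesEntry(string $ip, string $entry): bool
{
    [$network, $prefix] = array_pad(explode('/', $entry, 2), 2, null);
    $ipBin  = @inet_pton($ip);
    $netBin = @inet_pton($network);
    // Unparsable input or mixed address families (4 vs 16 bytes) never match.
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false;
    }
    $maxBits = strlen($ipBin) * 8;
    if ($prefix === null) {
        $bits = $maxBits;                 // plain address: exact match
    } elseif (ctype_digit($prefix) && (int) $prefix <= $maxBits) {
        $bits = (int) $prefix;
    } else {
        return false;                     // malformed prefix fails closed
    }
    $fullBytes = intdiv($bits, 8);
    if (substr($ipBin, 0, $fullBytes) !== substr($netBin, 0, $fullBytes)) {
        return false;
    }
    $rest = $bits % 8;
    if ($rest === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rest)) & 0xFF; // leading bits of the partial byte
    return (ord($ipBin[$fullBytes]) & $mask) === (ord($netBin[$fullBytes]) & $mask);
}

function isAllowed(string $ip, string $allowedIps): bool
{
    foreach (parseAllowedIps($allowedIps) as $entry) {
        if (ipMatchesEntry($ip, $entry)) { return true; }
    }
    return false;
}

$allowed = '127.0.0.1,10.0.0.0/8';        // value from the .env sample above
foreach (['127.0.0.1', '10.42.7.9', '11.0.0.1', '::1'] as $ip) { // constructed inputs
    printf("%-10s %s\n", $ip, isAllowed($ip, $allowed) ? 'allow' : 'deny');
}
```

Behind a reverse proxy or load balancer, the address being checked must be the real client address, which in Laravel depends on the trusted-proxy configuration; otherwise every request appears to come from the proxy.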

---

🧪 Testing
---------


```
vendor/bin/phpunit
```

---

📖 Documentation
---------------


Full documentation is available in [DOCUMENTATION.md](DOCUMENTATION.md).

---

🤝 Contributing
--------------


Contributions are welcome! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.

---

📝 Changelog
-----------


All notable changes are documented in [CHANGELOG.md](CHANGELOG.md).

---

🔐 Security
----------


If you discover a security vulnerability, please email **** instead of using the issue tracker.

---

📄 Licence
---------


This package is open-sourced software licenced under the [MIT Licence](LICENCE.md).

---

Made with ❤️ by [Syftnex](https://syftnex.com)

### Health Score

37: Low. Better than 83% of packages.

- Maintenance: 82. Actively maintained with recent releases
- Popularity: 7. Limited adoption so far
- Community: 6. Small or concentrated contributor base
- Maturity: 46. Maturing project, gaining track record
- Bus Factor: 1. Top contributor holds 100% of commits — single point of failure

How is this calculated?

**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Release Activity

- Cadence: Unknown
- Total: 1
- Last Release: 95d ago

### Community

- Maintainers: [syftnex](/maintainers/syftnex)
- Top Contributors: [syftnex](https://github.com/syftnex) (1 commits)
- Tags: laravel, security, facade, xss, SQL Injection, ip-whitelist, security-headers, validation-rules

### Code Quality

Tests: PHPUnit

### Alternatives

- [akaunting/laravel-firewall](/packages/akaunting-laravel-firewall): Web Application Firewall (WAF) package for Laravel
- [mazedlx/laravel-feature-policy](/packages/mazedlx-laravel-feature-policy): Add Feature-Policy headers to the responses of a Laravel app
- [laragear/poke](/packages/laragear-poke): Keep your forms alive, avoid TokenMismatchException by gently poking your Laravel app

