PHPackages tourze/symfony-scan-detect-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. tourze/symfony-scan-detect-bundle ActiveSymfony-bundle[Security](/categories/security) tourze/symfony-scan-detect-bundle ================================= Symfony bundle for detecting and preventing malicious scan attempts and 404 attacks using PSR-16 SimpleCache 0.0.2(4mo ago)00MITPHPCI passing Since Nov 1Pushed 4mo ago1 watchersCompare [ Source](https://github.com/tourze/symfony-scan-detect-bundle)[ Packagist](https://packagist.org/packages/tourze/symfony-scan-detect-bundle)[ RSS](/packages/tourze-symfony-scan-detect-bundle/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (2)Dependencies (17)Versions (3)Used By (0) Symfony Scan Detect Bundle ========================== [](#symfony-scan-detect-bundle) [![PHP Version Require](https://camo.githubusercontent.com/759e346ff32eb08c1c8515c22791e299c042400fdddd7fa30199b35c7230d246/68747470733a2f2f706f7365722e707567782e6f72672f746f75727a652f73796d666f6e792d7363616e2d6465746563742d62756e646c652f726571756972652f706870)](https://packagist.org/packages/tourze/symfony-scan-detect-bundle)[![License](https://camo.githubusercontent.com/014852415d7da3f70a0455741026ea9d55936f6723b3f1e36286e8a907ad8c51/68747470733a2f2f706f7365722e707567782e6f72672f746f75727a652f73796d666f6e792d7363616e2d6465746563742d62756e646c652f6c6963656e7365)](https://packagist.org/packages/tourze/symfony-scan-detect-bundle)[![Build Status](https://github.com/tourze/symfony-scan-detect-bundle/workflows/CI/badge.svg)](https://github.com/tourze/symfony-scan-detect-bundle/actions)[![Coverage Status](https://camo.githubusercontent.com/95bb5f0cf8fc69fa966da778485cc134f26ab68377dbba480c5f8a55d69a6ab3/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6769746875622f746f75727a652f73796d666f6e792d7363616e2d6465746563742d62756e646c652f62616467652e7376673f6272616e63683d6d6173746572)](https://coveralls.io/github/tourze/symfony-scan-detect-bundle?branch=master) [English](README.md) | [中文](README.zh-CN.md) A Symfony bundle that provides protection against malicious scanning and brute force attacks by detecting and blocking IPs that generate excessive 404 errors. Features -------- [](#features) - **Automated IP blocking**: Automatically blocks IPs that generate excessive 404 errors - **Configurable thresholds**: Set custom limits for error count and block duration - **Safe IP whitelist**: Protects local IPs (127.0.0.1, ::1) from being blocked - **Cache-based storage**: Uses PSR-16 SimpleCache for efficient tracking - **Event-driven architecture**: Integrates seamlessly with Symfony's event system Installation ------------ [](#installation) ``` composer require tourze/symfony-scan-detect-bundle ``` Quick Start ----------- [](#quick-start) 1. Add the bundle to your `config/bundles.php`: ``` return [ // ... Tourze\ScanDetectBundle\ScanDetectBundle::class => ['all' => true], ]; ``` 2. Configure the bundle by setting environment variables: ``` # Maximum number of 404 errors allowed within 1 minute (default: 20) SCAN_DETECT_404_FOUND_TIME=20 ``` 3. The bundle will automatically start protecting your application from scanning attacks. Configuration ------------- [](#configuration) The bundle uses environment variables for configuration: - `SCAN_DETECT_404_FOUND_TIME`: Maximum number of 404 errors allowed per IP within 1 minute (default: 20) How it works ------------ [](#how-it-works) 1. **Request Monitoring**: The bundle monitors all incoming requests 2. **404 Error Tracking**: When a 404 error occurs, it's recorded for the client IP 3. **Threshold Detection**: If an IP exceeds the configured error threshold within 1 minute, it's marked as suspicious 4. **Automatic Blocking**: Suspicious IPs are blocked for 5 minutes with a 403 response 5. **Safe IP Protection**: Local IPs (127.0.0.1, ::1) are never blocked Example Usage ------------- [](#example-usage) ``` // The bundle works automatically once installed // No manual configuration required for basic usage // For custom cache implementation: use Psr\SimpleCache\CacheInterface; use Tourze\ScanDetectBundle\EventSubscriber\ScanDetect404Subscriber; // The subscriber is automatically registered via services.yaml $cache = $container->get(CacheInterface::class); $subscriber = new ScanDetect404Subscriber($cache); ``` Console Commands ---------------- [](#console-commands) ### scan-detect:cleanup [](#scan-detectcleanup) Provides cache management functionality for scan detection. In the Cache-based architecture, blocking and counting data automatically expire (blocking for 5 minutes, counting for 1 minute), so manual cleanup is usually not required. ``` # Run the cleanup command php bin/console scan-detect:cleanup ``` **Command Features:** - Shows current cache architecture status - Provides manual cache cleanup options (though usually unnecessary) - Displays optimization benefits of the cache-based approach **Example Output:** ``` 扫描检测清理工具 (Cache-based) ================================ 缓存架构说明 ----------- • IP阻断状态:自动5分钟过期 • 错误计数:自动1分钟过期 • 无需持久化存储,无旧数据积累 ✅ Cache-based架构:所有数据自动过期,无需手动清理 架构优化成果 ----------- ✅ 已从数据库存储迁移到内存缓存 ✅ 自动过期机制,无数据积累 ✅ 零维护成本,高性能防护 ``` Testing ------- [](#testing) Run the test suite: ``` vendor/bin/phpunit packages/symfony-scan-detect-bundle/tests ``` License ------- [](#license) This bundle is released under the MIT license. See the [LICENSE](LICENSE) file for details. ### Health Score 27 — LowBetter than 49% of packages Maintenance74 Regular maintenance activity Popularity0 Limited adoption so far Community4 Small or concentrated contributor base Maturity26 Early-stage or recently created project How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~47 days Total 2 Last Release 143d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e354fdb316da535dfa8ba2e9193a473c403b6bc6fb9170778d1dc50e304c6e9d?d=identicon)[tourze](/maintainers/tourze) ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/tourze-symfony-scan-detect-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/tourze-symfony-scan-detect-bundle/health.svg)](https://phpackages.com/packages/tourze-symfony-scan-detect-bundle) ``` ### Alternatives [shopware/platform The Shopware e-commerce core 3.3k1.5M3](/packages/shopware-platform)[sylius/sylius E-Commerce platform for PHP, based on Symfony framework. 8.4k5.6M651](/packages/sylius-sylius)[sulu/sulu Core framework that implements the functionality of the Sulu content management system 1.3k1.3M152](/packages/sulu-sulu)[prestashop/prestashop PrestaShop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers. 9.0k15.4k](/packages/prestashop-prestashop)[shopware/core Shopware platform is the core for all Shopware ecommerce products. 595.2M386](/packages/shopware-core)[ec-cube/ec-cube EC-CUBE EC open platform. 78527.0k1](/packages/ec-cube-ec-cube) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)