PHPackages turbo124/bot-licker - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. turbo124/bot-licker ActiveLibrary[Security](/categories/security) turbo124/bot-licker =================== Package for Laravel to block IPs at the network edge 0.1.6(2y ago)2516MITPHP Since May 27Pushed 2y ago1 watchersCompare [ Source](https://github.com/turbo124/bot-licker)[ Packagist](https://packagist.org/packages/turbo124/bot-licker)[ RSS](/packages/turbo124-bot-licker/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (7)Dependencies (4)Versions (8)Used By (0) [![](botlicker.png)](botlicker.png) BotLicker ========= [](#botlicker) Ban / Challenge IPs/Countries at the network edge. -------------------------------------------------- [](#ban--challenge-ipscountries-at-the-network-edge) **The Problem**: After researching some laravel packages that provide firewall functionality, a common theme was that they all block at the application level. This may work for sites with low levels of traffic, but when dealing with a large number of requests it becomes ineffective. It also continues to use resources unnecessarily. Enter BotLicker where you can send your WAF rules direct to Cloudflare for instant implementation. ### Installation [](#installation) ``` composer require turbo124/bot-licker ``` ### Configuration [](#configuration) In your .env file, enter in the following environment variables: ``` CLOUDFLARE_API_KEY="your_cloudflare_API_KEY_that_has_permission to read/write/edit WAF rules" CLOUDFLARE_EMAIL="your_cloudflare_email_address" CLOUDFLARE_ZONE_ID="your_zone_id" CLOUDFLARE_ACCOUNT_ID="your_account_id" ``` ### Usage [](#usage) To permanently ban an IP address from reaching your server. ``` Firewall::ban('101.1.1.254'); ``` To ban an IP address for a certain period of time, simply pass a Carbon instance as the second argument ``` Firewall::ban('10.1.1.1', Carbon::now()->addYear(); ``` To unban and IP address ``` Firewall::unban('101.1.1.254'); ``` If you would prefer to issue a challenge to an IP address ``` Firewall::challenge('101.1.1.254', Carbon::now()->addYear()); ``` To then disable ``` Firewall::unchallenge('101.1.1.254'); ``` If you would prefer to ban an entire country simply pass in the iso\_3166\_2 country code ``` Firewall::banCountry('DE'); ``` To then disable ``` Firewall::unbanCountry('DE'); ``` ### Protected IPs and Countries [](#protected-ips-and-countries) If you need rules to whitelist IP address range or Countries simply... These can be added to the configuration file bot-licker.php ### Automated rules [](#automated-rules) Are you tired of seeing bots trying to hit .env or phpinfo.php in your logs? You can build a custom ruleset which matches a string in the request URI. And then perform an action on the user arriving from this IP (or Country). ``` Rule::matches('phpinfo.php', now()->addYear())->ban(); ``` This will match any incoming request URIs with phpinfo.php in the URL ie and then ban the IP address for a year. ### Extending BotLicker with new providers [](#extending-botlicker-with-new-providers) Currently only Cloudflare is supported, however you can easily implement the ProviderContract and generate the corresponding methods for other WAFs. Once you have created your provider, simply inject it into the `setProvider()` or replace the default provider in the configuration file. ``` Firewall::setProvider(OtherWAF::class)->ban('101.1.1.254', now()->addMinutes(5)); ``` Console commands ---------------- [](#console-commands) If you prefer to ban from the console you can use these commands: - Firewall rules: ``` php artisan firewall:rule ``` - Delete rule from WAF ``` php artisan firewall:waf --delete= ``` - Ban from the command line: ``` firewall:cf-rules {--ban} {--challenge} {--unban} {--unchallenge} ``` ``` php artisan cf-rules --ban=10.1.1.1 ``` - Show bans ``` php artisan firewall:show ``` ### TODO: [](#todo) Currently the package perform simply bans/unbans etc. In the next iteration, ban duration will be also be added in order for some rules to be removed after X timeperiod. ie License ------- [](#license) The MIT License (MIT) ### Health Score 22 — LowBetter than 23% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity14 Limited adoption so far Community7 Small or concentrated contributor base Maturity39 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 7 Last Release 1071d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/5827962?v=4)[David Bomba](/maintainers/turbo124)[@turbo124](https://github.com/turbo124) --- Top Contributors [![turbo124](https://avatars.githubusercontent.com/u/5827962?v=4)](https://github.com/turbo124 "turbo124 (85 commits)") --- Tags cloudflarefirewallbots ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/turbo124-bot-licker/health.svg) ``` [![Health](https://phpackages.com/badges/turbo124-bot-licker/health.svg)](https://phpackages.com/packages/turbo124-bot-licker) ``` ### Alternatives [pragmarx/firewall A Laravel IP whitelisting and blacklisting 1.4k988.9k](/packages/pragmarx-firewall)[akaunting/laravel-firewall Web Application Firewall (WAF) package for Laravel 999465.8k2](/packages/akaunting-laravel-firewall)[coderflex/laravel-turnstile A package to help you implement the Cloudflare turnstile "CAPTCHA Alternative" 110317.7k3](/packages/coderflex-laravel-turnstile)[dgtlss/warden A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email 8745.6k](/packages/dgtlss-warden)[perimeterx/php-sdk PerimeterX SDK for PHP 1885.2k](/packages/perimeterx-php-sdk) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)