PHPackages turbo124/waffy - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. turbo124/waffy ActiveLibrary[Security](/categories/security) turbo124/waffy ============== Nginx denylist package v1.0.1(1y ago)081.0k↑70.1%2MITPHPPHP >=8.2 Since Apr 16Pushed 1y ago1 watchersCompare [ Source](https://github.com/turbo124/waffy)[ Packagist](https://packagist.org/packages/turbo124/waffy)[ RSS](/packages/turbo124-waffy/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (5)Dependencies (6)Versions (6)Used By (2) Waffy ===== [](#waffy) Simple PHP => Nginx denylist Waffy allows you to easily add and remove IP addresses from a global Nginx denylist. This is useful for blocking bots and spammy crawlers that are hammering your site with requests. The major benefit of this package is that it blocks the request at the Nginx level before it even reaches your PHP application, conserving resources for legitimate requests Host Configuration (Ubuntu) --------------------------- [](#host-configuration-ubuntu) In order to allow a php process to run nginx commands you will need to assign dedicated permissions via the sudoers file ``` sudo visudo ``` Add the following lines ``` www-data ALL=(ALL) NOPASSWD: /usr/sbin/nginx -s reload www-data ALL=(ALL) NOPASSWD: /usr/sbin/nginx -t ``` This will allow the www-data user to run these two command ONLY, Check Nginx configuration `nginx -t`Reload Nginx `nginx -s reload` ### Create directory structure to hold the denylist.conf file [](#create-directory-structure-to-hold-the-denylistconf-file) ``` sudo mkdir /etc/nginx/blacklist ``` ### Ensure it is accessible and writable by www-data [](#ensure-it-is-accessible-and-writable-by-www-data) ``` sudo chown -R www-data:www-data /etc/nginx/blacklist ``` ### Touch the denylist.conf file and ensure it is read/writable by www-data [](#touch-the-denylistconf-file-and-ensure-it-is-readwritable-by-www-data) ``` sudo touch /etc/nginx/blacklist/denylist.conf sudo chown www-data:www-data /etc/nginx/blacklist/denylist.conf ``` ### Add the following to the http {} block in your nginx.conf file if you want a global denylist, or to each individual sites vhost config file if you only want a targeted denylist. [](#add-the-following-to-the-http--block-in-your-nginxconf-file-if-you-want-a-global-denylist-or-to-each-individual-sites-vhost-config-file-if-you-only-want-a-targeted-denylist) ``` http { include /etc/nginx/blacklist/*; } ``` ### Test the config and reload Nginx [](#test-the-config-and-reload-nginx) ``` sudo nginx -t sudo service nginx reload ``` Usage ----- [](#usage) ``` composer require turbo124/waffy ``` Ban an IP Address ``` use Turbo124\Waffy\Deny; $deny = new Deny(); $deny->addDeny('1.2.3.4'); ``` Unban an IP Address ``` $deny = new Deny(); $deny->removeDeny('1.2.3.4'); ``` Ban using CIDR notation ``` $deny = new Deny(); $deny->addDeny('192.168.0.0/24'); ``` Clear all IPs from deny list ``` $deny = new Deny(); $deny->clearDenyList() ``` > **Note:**All methods retrun a boolean on success, or throw an \\Exception. ### Health Score 39 — LowBetter than 86% of packages Maintenance47 Moderate activity, may be stable Popularity31 Limited adoption so far Community12 Small or concentrated contributor base Maturity53 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 5 Last Release 398d ago Major Versions v0.1.1 → v1.0.02025-04-16 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/5827962?v=4)[David Bomba](/maintainers/turbo124)[@turbo124](https://github.com/turbo124) --- Top Contributors [![turbo124](https://avatars.githubusercontent.com/u/5827962?v=4)](https://github.com/turbo124 "turbo124 (10 commits)") ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/turbo124-waffy/health.svg) ``` [![Health](https://phpackages.com/badges/turbo124-waffy/health.svg)](https://phpackages.com/packages/turbo124-waffy) ``` ### Alternatives [matomo/matomo Matomo is the leading Free/Libre open analytics platform 21.4k37.3k](/packages/matomo-matomo)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker)[magento/community-edition Magento 2 (Open Source) 12.1k52.1k10](/packages/magento-community-edition)[illuminate/console The Illuminate Console package. 12944.1M5.1k](/packages/illuminate-console)[shopware/core Shopware platform is the core for all Shopware ecommerce products. 595.2M386](/packages/shopware-core)[spatie/ssl-certificate-chain-resolver SSL certificate chain resolver 3069.6k](/packages/spatie-ssl-certificate-chain-resolver) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)