PHPackages webrium/xzeroprotect - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. webrium/xzeroprotect ActiveLibrary[Security](/categories/security) webrium/xzeroprotect ==================== A lightweight, file-based PHP firewall library for protecting web applications from bots, scanners, and common attacks. 14PHP Since Feb 27Pushed 2mo agoCompare [ Source](https://github.com/webrium/xzeroprotect)[ Packagist](https://packagist.org/packages/webrium/xzeroprotect)[ RSS](/packages/webrium-xzeroprotect/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) ``` ██╗ ██╗███████╗███████╗██████╗ ██████╗ ██████╗ ██████╗ ██████╗ ████████╗███████╗ ██████╗████████╗ ╚██╗██╔╝╚══███╔╝██╔════╝██╔══██╗██╔═══██╗██╔══██╗██╔══██╗██╔═══██╗╚══██╔══╝██╔════╝██╔════╝╚══██╔══╝ ╚███╔╝ ███╔╝ █████╗ ██████╔╝██║ ██║██████╔╝██████╔╝██║ ██║ ██║ █████╗ ██║ ██║ ██╔██╗ ███╔╝ ██╔══╝ ██╔══██╗██║ ██║██╔═══╝ ██╔══██╗██║ ██║ ██║ ██╔══╝ ██║ ██║ ██╔╝ ██╗███████╗███████╗██║ ██║╚██████╔╝██║ ██║ ██║╚██████╔╝ ██║ ███████╗╚██████╗ ██║ ╚═╝ ╚═╝╚══════╝╚══════╝╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚══════╝ ╚═════╝ ╚═╝ ``` **A lightweight, file-based PHP firewall for the modern web.** No database. No external services. No compromises. [![PHP](https://camo.githubusercontent.com/676666f72d76189292fe99506cc97fa6f97080f16bc232f76113b47f023942fd/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d253345253344253230382e302d3838393242463f7374796c653d666c61742d737175617265266c6f676f3d706870266c6f676f436f6c6f723d7768697465)](https://php.net)[![Composer](https://camo.githubusercontent.com/66cc4605009ee958683bce0775f445bdc9bf1cd009f13c6b191df28809c2e2f7/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f436f6d706f7365722d7765627269756d253246787a65726f70726f746563742d3838353633303f7374796c653d666c61742d737175617265266c6f676f3d636f6d706f736572266c6f676f436f6c6f723d7768697465)](https://packagist.org/packages/webrium/xzeroprotect)[![License](https://camo.githubusercontent.com/2064788fb84458d8ff362f54c72f9e243482923edc86c7959056107df445aca7/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d3232633535653f7374796c653d666c61742d737175617265)](LICENSE)![Zero Dependencies](https://camo.githubusercontent.com/89a579d91e75d25f491f952a0364969514492fd6cee343a6f3710a96dfc34684/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f446570656e64656e636965732d5a65726f2d6635396530623f7374796c653d666c61742d737175617265) --- Why xZeroProtect? ----------------- [](#why-xzeroprotect) Every day, bots crawl your application looking for exposed `.env` files, WordPress admin panels, SQL injection vectors, and known CVEs — even if you're not running WordPress. xZeroProtect stops them at the PHP layer with zero external dependencies, no database connection, and a clean API you can tune in minutes. - **File-based** — everything stored on disk; no MySQL, Redis, or memcached required - **Zero dependencies** — pure PHP 8.0+, nothing else - **Composable** — enable, disable, or extend every detection module independently - **Learning mode** — log threats without blocking, perfect for tuning before going live - **Apache-aware** — optionally write permanent bans into `.htaccess` so Apache rejects them before PHP even starts --- Installation ------------ [](#installation) ``` composer require webrium/xzeroprotect ``` --- Quick Start ----------- [](#quick-start) Add these two lines at the very top of your `index.php` or bootstrap file: ```