PHPackages xorgxx/neox-firegeolocator-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. xorgxx/neox-firegeolocator-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) xorgxx/neox-firegeolocator-bundle ================================= GeolocatorBundle - Restrict access to routes/controllers based on geolocation (classic structure). 10PHPCI passing Since Oct 12Pushed 7mo agoCompare [ Source](https://github.com/xorgxx/NeoxFireGeolocatorBundle)[ Packagist](https://packagist.org/packages/xorgxx/neox-firegeolocator-bundle)[ RSS](/packages/xorgxx-neox-firegeolocator-bundle/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (2)Used By (0) 🔥 FireGeolocatorBundle ====================== [](#-firegeolocatorbundle) **FR (français en premier) — EN (English below)** --- 🇫🇷 FR ----- [](#-fr) ### 📌 Résumé [](#-résumé) - **FireGeolocatorBundle** fournit des contrôles d’accès basés sur : - la **géolocalisation** - l’**adresse IP** - l’**agent utilisateur** (navigateur/crawler) - la **détection VPN/Proxy** - Il s’intègre au cycle de vie des requêtes HTTP, applique une **chaîne de filtres configurable**, gère **exclusions et bans temporaires**, et renvoie des réponses adaptées (**HTML, JSON, problem+json**) avec un mode **simulation**. - **Cas d’usage** : Restreindre l’accès par pays/IP, bloquer les crawlers, refuser les VPN/Proxies connus, appliquer du rate limiting, bannir temporairement des clients abusifs… tout en conservant des exclusions (whitelists) et des outils CLI de diagnostic. --- ### ⚙️ Installation [](#️-installation) 1. **Composer (dans votre application Symfony)** ``` composer require neox/fire-geolocator-bundle ``` *(⚠️ nom de package réel : à compléter)* 2. **Activation du bundle** Via Symfony Flex usuel. Sinon, ajouter manuellement dans `config/bundles.php` : ``` return [ Neox\FireGeolocatorBundle\NeoxFireGeolocatorBundle::class => ['all' => true], ]; ``` 3. **Versions supportées** - PHP : `>= 8.2` (attributs PHP 8, types stricts) - Symfony : `6 / 7` (7.x confirmé, usage de `#[AsEventListener]` et AssetMapper) --- ### ⚡ Configuration rapide [](#-configuration-rapide) `config/packages/neox_fire_geolocator.yaml` : ``` neox_fire_geolocator: enabled: true simulate: false provider_fallback_mode: false providers: default: findip list: findip: dsn: "findip+https://api.findip.example.com/ip/{ip}" variables: token: "%env(FINDIP_TOKEN)%" ipapi: dsn: "ipapi+https://ip-api.com/json/{ip}" variables: { } ipinfo: dsn: "ipinfo+https://ipinfo.io/{ip}" variables: token: "%env(IPINFO_TOKEN)%" cache: context_ttl: 300 key_strategy: ip # ip|session filters: navigator: enabled: true default_behavior: allow rules: ['+chrome', '+firefox', '+safari', '+edge', '-android', '-mobile safari'] crawler: enabled: true allow_known: true default_behavior: allow rules: [] country: default_behavior: allow rules: ['-RU', '-KP'] ip: default_behavior: allow rules: ['+127.0.0.1', '-10.0.0.0/8'] vpn: enabled: true default_behavior: block ``` --- ### 🚀 Fonctionnalités clés [](#-fonctionnalités-clés) - Attribut PHP `#[GeoApi]` pour configurer par **contrôleur/action** (override de la config globale). - Résolution de contexte via **providers** : `findip`, `ipapi`, `ipinfo` (DSN `scheme+https://.../{ip}`). - Filtres intégrés : `ip`, `country`, `navigator (UA)`, `crawler`, `vpn`. - **Exclusions temporaires** + gestion de **bans** (tentatives, TTL, durée humaine). - **Rate limiting** complémentaire via `RateLimiterGuard`. - Réponses **HTML / JSON / problem+json** + header `X-Geolocator-Simulate`. - Profiler Symfony + DataCollector (barre WDT). - Mode maintenance CLI + whitelists. --- ### 🧑‍💻 Exemple d’usage [](#‍-exemple-dusage) ``` use Neox\FireGeolocatorBundle\Attribute\GeoApi; use Symfony\Component\Routing\Attribute\Route; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Response; #[Route('/secure')] #[GeoApi( enabled: true, simulate: false, countries: ['+FR', '+BE', '-RU'], ips: ['+127.0.0.1'], vpnEnabled: true, vpnDefaultBehavior: 'block', )] final class SecureController extends AbstractController { #[Route('', name: 'secure_home')] public function __invoke(): Response { return new Response('OK'); } } ``` 🔎 **Décision d’autorisation/refus** : La chaîne de filtres évalue successivement (priorité : **IP → VPN → Navigateur → Country → Crawler**). - Premier refus = stop - `allow` explicite peut court-circuiter - Sinon → comportement par défaut --- ### 📚 Documentation détaillée [](#-documentation-détaillée) - [Docs/fr](./Docs/fr/INDEX.fr.md) - [Docs/en](./Docs/en/INDEX.en.md) --- ### 🛠️ Démonstrations & Exemples [](#️-démonstrations--exemples) #### CLI [](#cli) ``` php bin/console neox:firegeolocator:test-provider --list php bin/console neox:firegeolocator:test-provider findip 1.2.3.4 --compact php bin/console neox:firegeolocator:ban status 1.2.3.4 php bin/console neox:firegeolocator:maintenance status ``` #### HTTP [](#http) - Tester en simulation : `https://yourapp.test/secure?geo_simulate=1` --- ### ✅ Bonnes pratiques [](#-bonnes-pratiques) - Configurez **trusted proxies/headers** correctement pour récupérer l’IP client. - Ajoutez des **timeouts** via `HttpClient` global. - Préférez **Redis** pour le cache/bans en production. - N’activez **jamais** `simulate` en prod. - Vérifiez la cohérence entre `trusted.routes` et vos firewalls internes. --- ### 🤝 Support & Contribution [](#-support--contribution) - Ouvrir une **issue** ou une **PR** sur le dépôt. - Documenter votre environnement et fournir un extrait anonymisé de config. --- --- 🇬🇧 EN ----- [](#-en) ### 📌 Summary [](#-summary) - **FireGeolocatorBundle** provides **access control** based on: - geolocation - IP address - user agent (navigator/crawler) - VPN/Proxy detection - It plugs into the HTTP request cycle, applies a **configurable filter chain**, manages **exclusions and bans**, and returns responses (**HTML / JSON / problem+json**) with a **simulation mode**. --- ### ⚙️ Installation [](#️-installation-1) 1. **Composer** ``` composer require neox/fire-geolocator-bundle ``` *(actual package name TBD)* 2. **Bundle enablement** Usually via Symfony Flex, otherwise add in `config/bundles.php`. 3. **Supported versions** - PHP: `>= 8.2` - Symfony: `6 / 7` --- ### ⚡ Quick configuration [](#-quick-configuration) See the **French YAML block above** – keys are identical. --- ### 🚀 Key features [](#-key-features) - Per-controller attribute `#[GeoApi]`. - Providers: `findip`, `ipapi`, `ipinfo` (DSN with `{ip}`). - Built-in filters: **ip, country, navigator, crawler, vpn**. - Temporary exclusions & bans with TTL. - Rate limiting integration. - Response negotiation + header `X-Geolocator-Simulate`. - Symfony profiler + maintenance mode CLI. --- ### 🧑‍💻 Quick usage [](#‍-quick-usage) - Add `#[GeoApi(...)]` to your controller/action. - **FilterChain logic**: first deny wins, explicit allow may short-circuit, otherwise default behavior applies. --- ### 📚 Documentation [](#-documentation) - [Docs/fr](./Docs/fr/INDEX.fr.md) - [Docs/en](./Docs/en/INDEX.en.md) --- ### 🛠️ Examples [](#️-examples) - CLI: `test-provider`, `ban manager`, `maintenance` - HTTP: add `?geo_simulate=1` --- ### ✅ Best practices [](#-best-practices) - Configure **trusted proxies/headers** and **Redis caching** properly. - Avoid enabling `simulate` in production. --- ### 🤝 Support & Contribution [](#-support--contribution-1) - Use **issues / PRs** with anonymized configuration snippets. ### Health Score 17 — LowBetter than 6% of packages Maintenance45 Moderate activity, may be stable Popularity2 Limited adoption so far Community2 Small or concentrated contributor base Maturity15 Early-stage or recently created project How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/535aee9854a7fc4b23deba19f4b864abfede75d03724ea43a0466ae32991b443?d=identicon)[xorgxx](/maintainers/xorgxx) ### Embed Badge ![Health badge](/badges/xorgxx-neox-firegeolocator-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/xorgxx-neox-firegeolocator-bundle/health.svg)](https://phpackages.com/packages/xorgxx-neox-firegeolocator-bundle) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)