Web Application Firewall (WAF) package for Laravel

Overview


This package intends to protect your Laravel app from different types of attacks such as XSS, SQLi, RFI, LFI, User Agent, and a lot more. It will also block repeated attacks and send a notification via email and/or Slack when an attack is detected. Furthermore, it will log failed logins and block the IP after a number of attempts.

Note: Some middleware classes (e.g. Xss) are empty because the abstract Middleware class they extend does all of the work dynamically. In short, they all work ;)

Getting Started

1. Install

Run the following command:

composer require akaunting/laravel-firewall

2. Register (for Laravel < 5.5)

Register the service provider in config/app.php

Akaunting\Firewall\Provider::class,

3. Publish

Publish configuration, language, and migrations

php artisan vendor:publish --tag=firewall

4. Database

Create the database tables

php artisan migrate

5. Configure

You can change the firewall settings of your app in the config/firewall.php file

Usage

The middlewares are already registered, so you just need to add them to your routes. The firewall.all middleware applies all the middlewares listed in the all_middleware array of the config file.

Route::group(['middleware' => 'firewall.all'], function () {
    Route::get('/', 'HomeController@index');
});

You can apply each middleware per route. For example, you can allow only whitelisted IPs to access admin:

Route::group(['middleware' => 'firewall.whitelist'], function () {
    Route::get('/admin', 'AdminController@index');
});

Or you can get notified when anyone NOT in the whitelist accesses admin, by adding it to the inspections config:

Route::group(['middleware' => 'firewall.url'], function () {
    Route::get('/admin', 'AdminController@index');
});

Available middlewares applicable to routes:

firewall.all

firewall.agent
firewall.bot
firewall.geo
firewall.ip
firewall.lfi
firewall.php
firewall.referrer
firewall.rfi
firewall.session
firewall.sqli
firewall.swear
firewall.url
firewall.whitelist
firewall.xss

You may also define routes for each middleware in config/firewall.php and apply that middleware or firewall.all at the top of all routes.

Notifications

Firewall will send a notification as soon as an attack has been detected. The email addresses entered in the notifications.email.to config must belong to valid Laravel users in order for notifications to be sent. Check out the Notifications documentation of Laravel for further information.

Changelog

Please see Releases for more information on what has changed recently.

Contributing

Pull requests are more than welcome. You must follow the PSR coding standards.

Security

If you discover any security-related issues, please email [email protected] instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see LICENSE for more information.

Comments
  • How can I add a wildcard or range of addresses to the whitelist?


    Is there/needs to be a way to add a wildcard for a range of IP whitelist addresses such as:

    1.2.3.* so that the entire 1.2.3 network can access the pages.

    If there is already a way please point me to the docs. Thanks.

    opened by codejockey68 5
  • Call to undefined method Akaunting\Firewall\Middleware\Whitelist::whitelist()


    When using just firewall.whitelist, I'm getting "Call to undefined method".

    Route::group(['middleware' => 'firewall.whitelist'], function () {
        Route::get('/admin', 'Admin\DashboardController@index');
    });

    opened by trevorllarson 4
  • Error while discover after installing


    "Writing lock file
    Generating optimized autoload files

    Illuminate\Foundation\ComposerScripts::postAutoloadDump @php artisan package:discover --ansi

    TypeError

    Argument 2 passed to Illuminate\Routing\Router::middlewareGroup() must be of the type array, null given, called in /home/pi/GestionJ/idf-armatures/vendor/akaunting/firewall/src/Provider.php on line 60

    at vendor/laravel/framework/src/Illuminate/Routing/Router.php:879
        875| * @param string $name
        876| * @param array $middleware
        877| * @return $this
        878| */
        879| public function middlewareGroup($name, array $middleware)
        880| {
        881| $this->middlewareGroups[$name] = $middleware;
        882|
        883| return $this;

      +10 vendor frames
    

    11 [internal]:0 Illuminate\Foundation\Application::Illuminate\Foundation{closure}(Object(Akaunting\Firewall\Provider))

      +5 vendor frames
    

    17 artisan:37 Illuminate\Foundation\Console\Kernel::handle(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
    Script @php artisan package:discover --ansi handling the post-autoload-dump event returned with error code 1"

    This happens while I was trying to install. Do you have an idea what the problem is? TY! ;D

    opened by ninijule 3
  • throw exception when middleware blocks the request


    This MR will allow the dev to throw an exception when the middleware triggers the block. The exception can be caught by the handler to render any specific actions, and could also render a useful message to the user when the block came from an AJAX request.

    opened by yormy 2
  • Laravel 8 support


    Hello,

    this is my error:

    [user@serv laravel-app]$ composer require akaunting/laravel-firewall
    Using version ^1.3 for akaunting/laravel-firewall
    ./composer.json has been updated
    Running composer update akaunting/laravel-firewall
    Loading composer repositories with package information
    Updating dependencies
    Lock file operations: 1 install, 0 updates, 0 removals
      - Locking akaunting/laravel-firewall (1.3.2)
    Writing lock file
    Installing dependencies from lock file (including require-dev)
    Package operations: 1 install, 0 updates, 0 removals
      - Installing akaunting/laravel-firewall (1.3.2): Extracting archive
    Generating optimized autoload files

    Illuminate\Foundation\ComposerScripts::postAutoloadDump @php artisan package:discover --ansi

    TypeError

    Argument 2 passed to Illuminate\Routing\Router::middlewareGroup() must be of the type array, null given, called in /home/user/laravel-app/vendor/akaunting/laravel-firewall/src/Provider.php on line 60

    at vendor/laravel/framework/src/Illuminate/Routing/Router.php:913
        909▕ * @param string $name
        910▕ * @param array $middleware
        911▕ * @return $this
        912▕ */
      ➜ 913▕ public function middlewareGroup($name, array $middleware)
        914▕ {
        915▕ $this->middlewareGroups[$name] = $middleware;
        916▕
        917▕ return $this;

      +9 vendor frames
    

    10 [internal]:0 Illuminate\Foundation\Application::Illuminate\Foundation{closure}()

      +5 vendor frames
    

    16 artisan:37 Illuminate\Foundation\Console\Kernel::handle()
    Script @php artisan package:discover --ansi handling the post-autoload-dump event returned with error code 1

    Installation failed, reverting ./composer.json and ./composer.lock to their original content.

    opened by el3wdy 2
  • Argument 2 passed to Illuminate\Routing\Router::middlewareGroup() must be of the type array, null given, called in vendor\akaunting\firewall\src\Provider.php on line 60


    TypeError

    Argument 2 passed to Illuminate\Routing\Router::middlewareGroup() must be of the type array, null given, called in vendor\akaunting\firewall\src\Provider.php on line 60

    at vendor\laravel\framework\src\Illuminate\Routing\Router.php:879
    Script @php artisan package:discover --ansi handling the post-autoload-dump event returned with error code 1
        875| * @param string $name
        876| * @param array $middleware
        877| * @return $this
        878| */
        879| public function middlewareGroup($name, array $middleware)
        880| {
        881| $this->middlewareGroups[$name] = $middleware;
        882|
        883| return $this;

    1 vendor\akaunting\firewall\src\Provider.php:60 Illuminate\Routing\Router::middlewareGroup("firewall.all")

    2 vendor\akaunting\firewall\src\Provider.php:33 Akaunting\Firewall\Provider::registerMiddleware(Object(Illuminate\Routing\Router))

    PHP ver:7.2 LARAVEL ver 7. Server IIS

    opened by damku999 2
  • Error installing


    Hi, I am getting the below error when installing:

    Argument 2 passed to Illuminate\Routing\Router::middlewareGroup() must be of the type array, null given, called in /var/www/live_4wd/vendor/akaunting/firewall/src/Provider.php on line 60

    at vendor/laravel/framework/src/Illuminate/Routing/Router.php:879
        875| * @param string $name
        876| * @param array $middleware
        877| * @return $this
        878| */
        879| public function middlewareGroup($name, array $middleware)
        880| {
        881| $this->middlewareGroups[$name] = $middleware;
        882|
        883| return $this;

      +10 vendor frames 
    

    11 [internal]:0 Illuminate\Foundation\Application::Illuminate\Foundation{closure}()

      +5 vendor frames 
    

    17 artisan:37 Illuminate\Foundation\Console\Kernel::handle()

    Appreciate if you can look into it.

    opened by aadityamundhalia 2
  • installation error


    New project based on latest Laravel 7

    Command:

    composer require akaunting/firewall

    error:

    Argument 2 passed to Illuminate\Routing\Router::middlewareGroup() must be of the type array, null given, called in /home/vagrant/code/xxx/vendor/akaunting/firewall/src/Provider.php on line 60

    opened by rabol 2
  • Patched service provider to work with Laravel 7


    Patched service provider to work with Laravel 7, which requires an array as second parameter to middlewareGroup(), when it is null before config is cached.

    opened by townsweb 1
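The defensive registration the PR above describes, as an added example that is not the package's own Provider.php: the provider merges its default config before registering the group and casts the value to an array, so middlewareGroup() never receives null even when config/firewall.php has not been published or cached. The config key firewall.all_middleware is the one this README names; the provider class name, the config file path and the alias-to-class map are assumptions.

```php
<?php
// Added example, not the package's own Provider: registers the route middleware
// without ever passing null to Router::middlewareGroup(). The alias-to-class map,
// the class name and the config path are hypothetical; 'firewall.all_middleware'
// is the config array the README refers to.

namespace App\Providers;

use Illuminate\Routing\Router;
use Illuminate\Support\ServiceProvider;

class FirewallGuardProvider extends ServiceProvider
{
    /** Hypothetical alias => class map; the real package defines its own. */
    protected array $aliases = [
        'firewall.ip'        => \App\Http\Middleware\Firewall\Ip::class,
        'firewall.whitelist' => \App\Http\Middleware\Firewall\Whitelist::class,
    ];

    public function register(): void
    {
        // Merge the package defaults first, so config('firewall.*') is populated
        // even when the app has not published config/firewall.php and no config
        // cache exists (the situation behind the TypeError reported above).
        $this->mergeConfigFrom(__DIR__ . '/../../config/firewall.php', 'firewall');
    }

    public function boot(Router $router): void
    {
        $this->registerMiddleware($router);
    }

    protected function registerMiddleware(Router $router): void
    {
        foreach ($this->aliases as $alias => $class) {
            $router->aliasMiddleware($alias, $class);
        }

        // middlewareGroup() is typed `array $middleware`: guard the config value so
        // a missing or malformed entry yields an empty group instead of a crash.
        $all = config('firewall.all_middleware');
        $router->middlewareGroup('firewall.all', is_array($all) ? $all : []);
    }
}
```

Merging defaults in register() is the usual Laravel way to guarantee a package key exists; the is_array() guard is the belt-and-braces check for a user who edits the published file and leaves the key empty.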
  • limit request log size


    When the request is very long (in my case it was a base64 encoded screenshot that triggered the rfi) then the database layer would break as the request size was too long to insert in the database.

    With this MR the request size is reduced to the setting in the config

    opened by yormy 1
  • How can I hash the IP address?


    I would like to save the IP hashed instead of raw - is there anywhere where I can say how I want the IP to be saved?

    i.e. hash("sha256", 'abcd'.\Request::ip().'1234')

    opened by iec989 1
  • TypeError thrown when null given on middleware


    I got this error on my production server.

    Illuminate\Routing\Router::middlewareGroup(): Argument #2 ($middleware) must be of type array, null given, called in /home/ljsharp1/fmcosmetics.ljsharp.com/vendor/akaunting/laravel-firewall/src/Provider.php on line 60

    How can I fix this issue please?

    opened by ljsharp 0
  • Only one whitelist IP can be defined via the .env file


    This only allows 1 IP to be defined within the .env file.

    Getting the environment value grabs a whole string: https://github.com/akaunting/laravel-firewall/blob/72f30fa7962e4682aca341ba273156dbc483da6b/src/Config/firewall.php#L7

    When it's used it is only treated as containing 1 IP in a string: https://github.com/akaunting/laravel-firewall/blob/72f30fa7962e4682aca341ba273156dbc483da6b/src/Traits/Helper.php#L24

    opened by carlos-reynosa 0
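Both whitelist questions above (wildcard or range entries, and more than one IP in the .env value) come down to the same two helpers: a parser that turns the environment string into a list, and a matcher that understands more than exact addresses. The following is an added example, not code from akaunting/laravel-firewall: it accepts exact IPv4 addresses, wildcard patterns such as 1.2.3.* and CIDR blocks such as 10.0.0.0/8. The FIREWALL_WHITELIST variable name and the function names are assumptions.

```php
<?php
// Added example, not part of akaunting/laravel-firewall: parses a comma-separated
// whitelist (as one might store in FIREWALL_WHITELIST, an assumed variable name)
// and matches a client IPv4 address against exact, wildcard and CIDR entries.

/**
 * Turn "1.2.3.4, 5.6.7.*,10.0.0.0/8" into ['1.2.3.4', '5.6.7.*', '10.0.0.0/8'].
 * An unset or blank value yields an empty list rather than [''].
 */
function parseWhitelist(?string $raw): array
{
    if ($raw === null || trim($raw) === '') {
        return [];
    }

    return array_values(array_filter(array_map('trim', explode(',', $raw)), 'strlen'));
}

/** True when $ip (dotted IPv4) matches a single whitelist entry. */
function ipMatchesEntry(string $ip, string $entry): bool
{
    $ipLong = ip2long($ip);
    if ($ipLong === false) {
        return false; // not a valid IPv4 address: never whitelisted by accident
    }

    // CIDR block, e.g. 10.0.0.0/8 (assumes a 64-bit PHP build for the mask math)
    if (preg_match('#^(\d{1,3}(?:\.\d{1,3}){3})/(\d{1,2})$#', $entry, $m)) {
        $net  = ip2long($m[1]);
        $bits = (int) $m[2];
        if ($net === false || $bits > 32) {
            return false;
        }
        $mask = $bits === 0 ? 0 : (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF;

        return ($ipLong & $mask) === ($net & $mask);
    }

    // Wildcard, e.g. 1.2.3.*: every '*' stands for one numeric octet
    if (strpos($entry, '*') !== false) {
        $pattern = '#^' . str_replace('\*', '\d{1,3}', preg_quote($entry, '#')) . '$#';

        return preg_match($pattern, $ip) === 1;
    }

    // Exact match, compared as integers rather than as strings
    return ip2long($entry) === $ipLong;
}

function ipIsWhitelisted(string $ip, array $entries): bool
{
    foreach ($entries as $entry) {
        if (ipMatchesEntry($ip, $entry)) {
            return true;
        }
    }

    return false;
}

// Usage with a constructed value standing in for env('FIREWALL_WHITELIST'):
$entries = parseWhitelist('203.0.113.7, 198.51.100.*, 10.0.0.0/8');
var_dump(ipIsWhitelisted('198.51.100.42', $entries));
var_dump(ipIsWhitelisted('10.20.30.40', $entries));
var_dump(ipIsWhitelisted('192.0.2.1', $entries));
```

In the usage at the bottom, 198.51.100.42 is accepted through the wildcard entry and 10.20.30.40 through the CIDR block, while 192.0.2.1 matches nothing. Rejecting anything ip2long() cannot parse is deliberate: a whitelist that treats an unparseable string as "matches" fails open.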
  • limit referrer max size


    I saw many of the following errors in the logs due to a too-long referrer:

    production.ERROR: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'referrer' at row 1 (SQL: insert into `firewall_logs` (`ip`, `level`, `middleware`, `user_id`, `url`, `referrer`, `request`, `updated_at`, `created_at`)

    opened by 2000calories 0
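Three of the issues above concern what ends up in the firewall log row: hashing the IP instead of storing it raw, capping the request size, and capping the referrer size. The following added example (not the package's own logging code) does all three in one place: it replaces the client IP with a keyed HMAC pseudonym and cuts the request and referrer to byte limits that fit the columns named in the insert quoted above. The secret key, the two limits and the class name are assumptions supplied by the caller; mb_strcut() needs the mbstring extension.

```php
<?php
// Added example, not the package's own logging code. Builds the row a firewall
// log insert would receive: the raw client IP is replaced by a keyed HMAC
// pseudonym, and request and referrer are cut to byte limits that fit the
// columns. The key and the two limits are assumptions passed in by the caller.

final class FirewallLogRow
{
    private string $hmacKey;
    private int $maxRequestBytes;
    private int $maxReferrerBytes;

    public function __construct(string $hmacKey, int $maxRequestBytes, int $maxReferrerBytes)
    {
        $this->hmacKey = $hmacKey;
        $this->maxRequestBytes = $maxRequestBytes;
        $this->maxReferrerBytes = $maxReferrerBytes;
    }

    /**
     * Keyed hash rather than hash('sha256', $salt . $ip . $pepper) with constants
     * in the code: whoever obtains the table and those constants can rebuild the
     * digest of every IPv4 address, whereas an HMAC needs the secret key. Equal IPs
     * still map to equal tokens, so repeated-attack counting keeps working.
     */
    public function pseudonymizeIp(string $ip): string
    {
        return hash_hmac('sha256', $ip, $this->hmacKey);
    }

    /** Cut to a byte limit without splitting a multibyte UTF-8 character. */
    public function truncate(?string $value, int $maxBytes): ?string
    {
        if ($value === null || strlen($value) <= $maxBytes) {
            return $value;
        }

        return mb_strcut($value, 0, $maxBytes, 'UTF-8');
    }

    /** Column names follow the firewall_logs insert quoted in the referrer issue. */
    public function build(string $ip, string $middleware, string $url, ?string $referrer, string $request): array
    {
        return [
            'ip'         => $this->pseudonymizeIp($ip),
            'level'      => 'medium',   // constructed value
            'middleware' => $middleware,
            'url'        => $url,
            'referrer'   => $this->truncate($referrer, $this->maxReferrerBytes),
            'request'    => $this->truncate($request, $this->maxRequestBytes),
        ];
    }
}

// Constructed sample: an oversized referrer and a large base64 blob in the request body.
$builder = new FirewallLogRow('constructed-secret-key', 1024, 255);
$row = $builder->build(
    '203.0.113.7',
    'firewall.rfi',
    'https://example.test/upload',
    'https://example.test/' . str_repeat('a', 2000),
    'screenshot=' . base64_encode(random_bytes(3000))
);

printf("ip token: %s\n", $row['ip']);
printf("request stored: %d bytes, referrer stored: %d bytes\n", strlen($row['request']), strlen($row['referrer']));
```

Truncation happens before the insert rather than relying on the database to reject the row, so the block event is still recorded when the payload is huge; the pseudonym keeps the repeated-attack logic working while the raw address never reaches the table.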
  • prevent ip block but add message to request. This is especially usefu…


    Prevent IP block but add message to request. This is especially useful when you want to keep your firewall intact, but still allow certain IPs to pass. Just whitelisting bypasses the entire firewall; prevent_ip_block keeps your firewall and logging all the same, but the IP passes and a flag is added to the request saying that normally the IP would have been blocked.

    Also useful if you allow certain IPs to pentest your system, and allow them to see that normally the firewall would have kicked in and banned the IP.

    opened by yormy 0
Releases: 2.0.0
Owner: Akaunting