41man/login-gate-bundle
Composer 安装命令:
composer require 41man/login-gate-bundle
包简介
Checking brute force attacks on site
关键字:
README 文档
README
This bundle detects brute-force attacks on Symfony applications. It then will disable login for attackers for a certain period of time. This bundle also provides special events to execute custom handlers when a brute-force attack is detected.
Compatability
The bundle is since version 0.6 compatible with Symfony 4.
Installation
Add this bundle via Composer:
composer require anyx/login-gate-bundle
Configuration:
Add in app/config/config.yml:
login_gate: storages: ['orm'] # Attempts storages. Available storages: ['orm', 'session', 'mongodb'] options: max_count_attempts: 3 timeout: 600 #Ban period watch_period: 3600 #Only for databases storage. Period of actuality attempts
Register event handler (optional).
services: acme.brute_force_listener: class: Acme\BestBundle\Listener\BruteForceAttemptListener tags: - { name: kernel.event_listener, event: security.brute_force_attempt, method: onBruteForceAttempt }
Usage
In the following example we import the checker via dependency injection in SecurityController.php.
namespace App\Controller; use Anyx\LoginGateBundle\Service\BruteForceChecker; /** * @var BruteForceChecker $bruteForceChecker */ private $bruteForceChecker; /** * SecurityController constructor. * @param BruteForceChecker $bruteForceChecker */ public function __construct(BruteForceChecker $bruteForceChecker) { $this->bruteForceChecker = $bruteForceChecker; }
We can now use the checker to see if a person is allowed to login.
$this->bruteForceChecker->canLogin($request)
We can also clear the loginattempts when a login is succesful.
$this->bruteForceChecker->getStorage()->clearCountAttempts($request);
For more examples take a look at the tests.
41man/login-gate-bundle 适用场景与选型建议
41man/login-gate-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1.9k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2020 年 02 月 27 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「brute-force」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 41man/login-gate-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 41man/login-gate-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 41man/login-gate-bundle 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Provide a way to secure accesses to all routes of an symfony application.
It's a barebone security class written on PHP
Simple brute-force prevention (account locking) for Flow
Contao CMS integrity check for some files
A PHP security linter to detect insecure functions like var_dump, print_r, and other dangerous functions in your codebase
Better PHP rate limiting using redis.
统计信息
- 总下载量: 1.9k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 10
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2020-02-27