承接 grazulex/laravel-safeguard 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

grazulex/laravel-safeguard

Composer 安装命令:

composer require grazulex/laravel-safeguard

包简介

Configurable security checks for Laravel applications. Run safety audits on environment variables, configuration files, and hidden routes to prevent common mistakes before going live.

README 文档

README

Laravel Safeguard

Comprehensive security auditing and threat detection system for Laravel applications. Real-time monitoring, automated security assessments, and detailed security reporting.

Latest Version Total Downloads License PHP Version Laravel Version Tests Code Style

📖 Table of Contents

Overview

Laravel Safeguard is a comprehensive security auditing and threat detection system for Laravel applications. It provides real-time monitoring, automated security assessments, and detailed reporting to keep your application secure.

Perfect for enterprise applications, security-conscious projects, and applications requiring compliance with security standards.

🎯 Use Cases

Laravel Safeguard is perfect for:

  • Enterprise Applications - Comprehensive security monitoring
  • Financial Systems - Fraud detection and prevention
  • Healthcare Apps - HIPAA compliance and data protection
  • E-commerce - Transaction security and user protection
  • API Security - Rate limiting and abuse detection

✨ Features

  • 🚀 Real-time Monitoring - Live security event tracking and alerting
  • 🔍 Vulnerability Scanning - Automated security vulnerability detection
  • 🛡️ Intrusion Detection - Advanced threat detection algorithms
  • 📊 Security Dashboard - Comprehensive security metrics and reporting
  • 🚨 Alert System - Configurable alerts for security events
  • 🔐 Access Control - Role-based access control monitoring
  • 📋 Audit Logging - Detailed security event logging
  • 🎯 Rate Limiting - Advanced rate limiting with threat intelligence
  • Compliance Reporting - Generate compliance reports
  • 📈 Security Analytics - Deep security insights and trends
  • 🧪 Penetration Testing - Built-in security testing tools
  • Performance Optimized - Minimal impact on application performance

📦 Installation

Install the package via Composer:

composer require grazulex/laravel-safeguard

💡 Auto-Discovery
The service provider will be automatically registered thanks to Laravel's package auto-discovery.

Publish configuration:

php artisan vendor:publish --tag=safeguard-config

🚀 Quick Start

1. Initialize Safeguard

php artisan safeguard:install

2. Configure Security Rules

// config/safeguard.php
return [
    'threat_detection' => [
        'enabled' => true,
        'sql_injection' => true,
        'xss_protection' => true,
        'brute_force' => true,
    ],
    
    'rate_limiting' => [
        'enabled' => true,
        'requests_per_minute' => 60,
        'burst_limit' => 100,
    ],
    
    'audit_logging' => [
        'enabled' => true,
        'log_failed_logins' => true,
        'log_data_access' => true,
    ],
];

3. Add Middleware Protection

// app/Http/Kernel.php
protected $middleware = [
    \Grazulex\LaravelSafeguard\Middleware\SecurityMonitor::class,
    \Grazulex\LaravelSafeguard\Middleware\ThreatDetection::class,
];

protected $middlewareGroups = [
    'web' => [
        \Grazulex\LaravelSafeguard\Middleware\RateLimiter::class,
    ],
    'api' => [
        \Grazulex\LaravelSafeguard\Middleware\ApiProtection::class,
    ],
];

4. Monitor Security Events

use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Get security dashboard data
$dashboard = Safeguard::dashboard();

// Check recent threats
$threats = Safeguard::getThreats(['last_24_hours' => true]);

// Generate security report
$report = Safeguard::generateReport('monthly');

// Get audit logs
$auditLogs = Safeguard::auditLogs()
    ->where('event_type', 'login_attempt')
    ->where('created_at', '>=', now()->subDays(7))
    ->get();

🔒 Security Auditing

Laravel Safeguard provides comprehensive security auditing:

// Enable automatic auditing
Safeguard::audit(User::class)->track([
    'created', 'updated', 'deleted',
    'login', 'logout', 'password_change'
]);

// Manual audit logging
Safeguard::log('user_data_access', [
    'user_id' => auth()->id(),
    'accessed_resource' => 'sensitive_data',
    'ip_address' => request()->ip(),
]);

// Security scanning
$vulnerabilities = Safeguard::scan([
    'sql_injection' => true,
    'xss_vulnerabilities' => true,
    'csrf_protection' => true,
    'security_headers' => true,
]);

🚨 Threat Detection

Advanced threat detection capabilities:

use Grazulex\LaravelSafeguard\ThreatDetection\Detectors;

// Configure threat detectors
Safeguard::threats()->register([
    Detectors\SqlInjectionDetector::class,
    Detectors\XssDetector::class,
    Detectors\BruteForceDetector::class,
    Detectors\SuspiciousActivityDetector::class,
]);

// Real-time threat monitoring
Safeguard::threats()->monitor(function ($threat) {
    // Log threat
    Log::warning('Security threat detected', [
        'type' => $threat->getType(),
        'severity' => $threat->getSeverity(),
        'details' => $threat->getDetails(),
    ]);
    
    // Send alert
    if ($threat->getSeverity() === 'high') {
        Mail::to('security@company.com')->send(
            new SecurityAlert($threat)
        );
    }
});

📊 Security Dashboard

Built-in security dashboard with comprehensive metrics:

// Access dashboard data
$dashboard = Safeguard::dashboard()->getData();

// Dashboard metrics include:
// - Threat detection statistics
// - Failed login attempts
// - Rate limiting statistics
// - Vulnerability scan results
// - Audit log summaries
// - Security score and trends

// Custom dashboard widgets
Safeguard::dashboard()->addWidget('custom_security_metric', function () {
    return [
        'title' => 'Custom Security Metric',
        'value' => $this->calculateCustomMetric(),
        'trend' => 'up',
        'color' => 'green',
    ];
});

⚙️ Configuration

Laravel Safeguard provides extensive configuration options:

// config/safeguard.php
return [
    'monitoring' => [
        'enabled' => true,
        'real_time_alerts' => true,
        'threat_intelligence' => true,
    ],
    
    'detection_rules' => [
        'sql_injection' => ['enabled' => true, 'sensitivity' => 'high'],
        'xss_protection' => ['enabled' => true, 'sanitize' => true],
        'brute_force' => ['enabled' => true, 'max_attempts' => 5],
    ],
    
    'compliance' => [
        'gdpr' => true,
        'hipaa' => false,
        'pci_dss' => true,
    ],
];

📚 Documentation

For detailed documentation, examples, and advanced usage:

💡 Examples

Basic Security Monitoring

use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Enable monitoring for specific models
class User extends Model
{
    use \Grazulex\LaravelSafeguard\Traits\Auditable;
    
    protected $auditableEvents = ['created', 'updated', 'login'];
}

// Monitor API endpoints
Route::middleware(['safeguard.monitor'])->group(function () {
    Route::get('/api/sensitive-data', [ApiController::class, 'getData']);
});

// Custom threat detection
Safeguard::threats()->detect('custom_threat', function ($request) {
    return $request->has('suspicious_parameter');
});

Advanced Security Configuration

// Custom security rules
Safeguard::rules()->add('financial_transaction', [
    'min_amount' => 0.01,
    'max_amount' => 10000,
    'require_2fa' => true,
    'suspicious_patterns' => [
        'rapid_succession' => true,
        'unusual_amounts' => true,
    ],
]);

// Security event handling
Safeguard::events()->listen('threat_detected', function ($threat) {
    // Automatically block suspicious IPs
    if ($threat->getSeverity() === 'critical') {
        Safeguard::firewall()->block($threat->getIpAddress());
    }
});

Check out the examples on the wiki for more examples.

🧪 Testing

Laravel Safeguard includes security testing utilities:

use Grazulex\LaravelSafeguard\Testing\SecurityTester;

public function test_sql_injection_protection()
{
    SecurityTester::make()
        ->attemptSqlInjection('/api/users?id=1; DROP TABLE users;--')
        ->assertBlocked()
        ->assertThreatLogged('sql_injection');
}

public function test_rate_limiting()
{
    SecurityTester::make()
        ->simulateRequests('/api/endpoint', 100)
        ->assertRateLimited()
        ->assertAuditLogged();
}

🔧 Requirements

  • PHP: ^8.3
  • Laravel: ^12.0
  • Carbon: ^3.10

🚀 Performance

Laravel Safeguard is optimized for performance:

  • Minimal Overhead: Less than 2ms additional request time
  • Efficient Monitoring: Asynchronous threat detection
  • Caching: Security rules and patterns are cached
  • Database Optimized: Efficient audit log storage

🤝 Contributing

We welcome contributions! Please see our Contributing Guide for details.

🔒 Security

If you discover a security vulnerability, please review our Security Policy before disclosing it.

📄 License

Laravel Safeguard is open-sourced software licensed under the MIT license.

Made with ❤️ for the Laravel community

Resources

Community Links

grazulex/laravel-safeguard 适用场景与选型建议

grazulex/laravel-safeguard 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 17 次下载、GitHub Stars 达 12, 最近一次更新时间为 2025 年 07 月 17 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「security」 「cli」 「config」 「check」 「Audit」 「rules」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 grazulex/laravel-safeguard 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 grazulex/laravel-safeguard 我们能提供哪些服务?
定制开发 / 二次开发

基于 grazulex/laravel-safeguard 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 17
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 13
  • 点击次数: 33
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 12
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2025-07-17