m9nx/laravel-runtime-guard 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

m9nx/laravel-runtime-guard

Composer 安装命令:

composer require m9nx/laravel-runtime-guard

包简介

A security-focused runtime monitoring and guard layer for Laravel applications

README 文档

README

Packagist Downloads License

Enterprise-grade runtime security inspection for Laravel applications.

RuntimeGuard provides a comprehensive, extensible framework for runtime security monitoring. Unlike static analyzers, it inspects actual data flowing through your application in real-time, detecting threats before they can cause damage.

Table of Contents

Features

Security Guards

  • SQL Injection — UNION attacks, boolean-based, time-based, stacked queries
  • XSS Detection — Script tags, event handlers, DOM-based XSS, encoded payloads
  • Command Injection — Shell metacharacters, command chaining, path traversal
  • SSRF Protection — Internal IPs, cloud metadata endpoints, DNS rebinding
  • NoSQL Injection — MongoDB operators, JSON-encoded attacks
  • Mass Assignment — Dangerous field protection
  • GraphQL Security — Query depth limits, complexity analysis
  • JWT/Token Abuse — Algorithm confusion, replay attacks, JKU injection
  • Bot Detection — Behavioral analysis, honeypot integration
  • Session Integrity — Fingerprint drift, geolocation jumps

Performance

  • Tiered inspection (quick scan + deep analysis)
  • LRU deduplication cache
  • Request sampling
  • Bloom filter pre-screening
  • Lazy guard resolution
  • Streaming inspection for large payloads
  • Async guard execution with PHP Fibers

Enterprise Features

  • ML-powered anomaly detection
  • Multi-tenant security isolation
  • Real-time metrics (Prometheus-compatible)
  • SIEM integration (Splunk, ELK, Datadog)
  • WAF rule export (AWS WAF, Cloudflare, ModSecurity)
  • Threat intelligence feeds
  • Compliance reporting (PCI-DSS, OWASP Top 10)

Requirements

  • PHP 8.1+
  • Laravel 10.0+ or 11.0+

Installation

composer require m9nx/laravel-runtime-guard

Publish the configuration:

php artisan vendor:publish --tag=runtime-guard-config

For database reporting (optional):

php artisan vendor:publish --tag=runtime-guard-migrations
php artisan migrate

Quick Start

Basic Usage

use M9nx\RuntimeGuard\Facades\RuntimeGuard;

// Inspect input with all enabled guards
$results = RuntimeGuard::inspect($userInput);

// Check if threat was detected
if ($results->hasThreat()) {
    Log::warning('Threat detected', [
        'level' => $results->getHighestThreatLevel()->value,
        'guards' => $results->getTriggeredGuards(),
    ]);
}

// Inspect with a specific guard
$result = RuntimeGuard::inspectWith('sql-injection', $userInput);

Controller Trait

use M9nx\RuntimeGuard\Traits\InspectsInput;

class FormController extends Controller
{
    use InspectsInput;

    public function submit(Request $request)
    {
        $this->inspectRequest($request);
        
        // Or inspect specific fields only
        $this->inspectRequestFields(['name', 'email', 'message']);
    }
}

PHP Attributes

use M9nx\RuntimeGuard\Attributes\GuardProfile;
use M9nx\RuntimeGuard\Attributes\SkipGuard;

class AdminController extends Controller
{
    #[GuardProfile('admin')]
    public function sensitiveAction()
    {
        // Uses 'admin' profile with stricter rules
    }

    #[SkipGuard(['xss'])]
    public function richTextEditor()
    {
        // XSS guard skipped for this endpoint
    }
}

Configuration

// config/runtime-guard.php

return [
    'enabled' => env('RUNTIME_GUARD_ENABLED', true),
    'mode' => env('RUNTIME_GUARD_MODE', 'log'), // 'block', 'log', 'silent'
    
    'pipeline' => [
        'strategy' => 'short_circuit', // 'full', 'short_circuit', 'threshold'
        'tiered' => true,
    ],

    'guards' => [
        'sql-injection' => ['enabled' => true, 'priority' => 100],
        'xss' => ['enabled' => true, 'priority' => 90],
        'command-injection' => ['enabled' => true, 'priority' => 95],
        // ... more guards
    ],

    'profiles' => [
        'api' => [
            'guards' => ['sql-injection', 'command-injection'],
            'mode' => 'log',
        ],
        'admin' => [
            'guards' => '*',
            'mode' => 'block',
        ],
    ],
];

Security Guards

Guard Description Default Priority
sql-injection SQL injection patterns 100
command-injection Shell command injection 95
xss Cross-site scripting 90
deserialization Unsafe deserialization 92
nosql-injection NoSQL/MongoDB injection 88
file-operation Path traversal, file inclusion 85
ssrf Server-side request forgery 80
mass-assignment Dangerous field assignment 75
graphql GraphQL abuse prevention 70
jwt JWT/Token attacks 65
bot-behavior Bot/automation detection 60
session-integrity Session hijacking detection 55
anomaly Behavioral anomaly detection 50

Middleware Usage

// routes/web.php

// Apply to specific routes
Route::middleware(['runtime-guard'])->group(function () {
    Route::post('/submit', [FormController::class, 'submit']);
});

// With a specific profile
Route::middleware(['runtime-guard:admin'])->group(function () {
    Route::resource('/admin/users', AdminUserController::class);
});

Artisan Commands

# List all registered guards
php artisan runtime-guard:list

# Test a guard with sample input
php artisan runtime-guard:test sql-injection "1' OR '1'='1"

# Check system status
php artisan runtime-guard:status

# Toggle guards at runtime
php artisan runtime-guard:toggle sql-injection --disable

# Generate a new custom guard
php artisan runtime-guard:make-guard CustomGuard

# Run security audit
php artisan runtime-guard:security-audit

Testing

RuntimeGuard provides testing utilities for your application tests:

use M9nx\RuntimeGuard\Facades\RuntimeGuard;

class SecurityTest extends TestCase
{
    public function test_sql_injection_is_detected(): void
    {
        $fake = RuntimeGuard::fake();
        
        $this->post('/api/search', ['query' => "1' OR '1'='1"]);
        
        $fake->assertThreatDetected();
        $fake->assertGuardTriggered('sql-injection');
    }

    public function test_clean_input_passes(): void
    {
        $fake = RuntimeGuard::fake();
        
        $this->post('/api/search', ['query' => 'normal search']);
        
        $fake->assertNoThreatsDetected();
    }
}

Documentation

Document Description
Architecture Internal architecture and component overview
Features Complete feature list and capabilities
Changelog v4.0 What's new in version 4.0
Contributing Contribution guidelines
Security Policy Security reporting procedures

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for details.

# Development setup
composer install
composer test
composer analyse

Security

If you discover a security vulnerability, please send an email to the maintainer instead of using the issue tracker. See SECURITY.md for details.

Credits

License

The MIT License (MIT). See LICENSE for more information.

m9nx/laravel-runtime-guard 适用场景与选型建议

m9nx/laravel-runtime-guard 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 1, 最近一次更新时间为 2026 年 01 月 06 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「security」 「monitoring」 「laravel」 「xss」 「protection」 「runtime」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 m9nx/laravel-runtime-guard 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 m9nx/laravel-runtime-guard 我们能提供哪些服务?
定制开发 / 二次开发

基于 m9nx/laravel-runtime-guard 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 0
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 2
  • 点击次数: 29
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2026-01-06