mohdraquib/laravel-secure-middleware
Composer 安装命令:
composer require mohdraquib/laravel-secure-middleware
包简介
Laravel middleware to enforce HTTPS, HSTS, and WWW/Non-WWW redirection.
README 文档
README
A Laravel middleware package that enforces secure web behavior like automatic HTTPS redirection, forcing or removing www., and setting the HSTS header for stricter browser security. Built for simplicity, flexibility, and modern Laravel projects.
✨ Features
- 🔐 Automatically redirects all HTTP traffic to HTTPS (
AlwaysUseHTTPS) - 🌐 Forces all URLs to remove the
www.prefix (ForceNonWWW) - 🌐 Or forces all URLs to use the
www.prefix (ForceWWW) - 🔒 Adds HTTP Strict Transport Security headers (
EnableHSTS) - 📦 Easy to install via Composer
- 🚀 Works out-of-the-box with Laravel's middleware stack
📦 Installation
Install the package using Composer:
composer require mohdraquib/laravel-secure-middleware
🧩 Usage
Register the middleware in your Laravel application's app/Http/Kernel.php.
➕ Add to Global Middleware Stack
use MohdRaquib\SecureMiddleware\AlwaysUseHTTPS; use MohdRaquib\SecureMiddleware\EnableHSTS; use MohdRaquib\SecureMiddleware\ForceNonWWW; // or use ForceWWW instead of ForceNonWWW protected $middleware = [ // ... AlwaysUseHTTPS::class, EnableHSTS::class, ForceNonWWW::class, // or ForceWWW::class ];
➕ Or Register as Route Middleware
protected $routeMiddleware = [ 'https.redirect' => \MohdRaquib\SecureMiddleware\AlwaysUseHTTPS::class, 'hsts' => \MohdRaquib\SecureMiddleware\EnableHSTS::class, 'remove.www' => \MohdRaquib\SecureMiddleware\ForceNonWWW::class, 'force.www' => \MohdRaquib\SecureMiddleware\ForceWWW::class, ];
Then apply to specific routes:
Route::get('/secure', function () { return 'Secure Route'; })->middleware(['https.redirect', 'hsts', 'remove.www']);
🧱 Middleware Details
AlwaysUseHTTPS
Redirects all HTTP requests to their HTTPS equivalents. Prevents unsecured traffic automatically.
EnableHSTS
Adds the Strict-Transport-Security header to all secure (HTTPS) responses to instruct browsers to always use HTTPS.
ForceNonWWW
Redirects all www.example.com URLs to example.com, maintaining SEO consistency and simplifying domain access.
ForceWWW
Redirects all example.com URLs to www.example.com, if you prefer using the www. subdomain.
🔄 Example Redirects
http://www.example.com/test→https://example.com/testhttps://example.com/test→https://www.example.com/test(if usingForceWWW)
📄 License
This package is open-sourced software licensed under the MIT license.
👤 Author
Mohammad Raquib
GitHub
Secure your Laravel application in seconds with smart middleware!
mohdraquib/laravel-secure-middleware 适用场景与选型建议
mohdraquib/laravel-secure-middleware 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 5 次下载、GitHub Stars 达 0, 最近一次更新时间为 2025 年 07 月 12 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「laravel」 「hsts」 「force www」 「secure middleware」 「always use https」 「force non www」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 mohdraquib/laravel-secure-middleware 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 mohdraquib/laravel-secure-middleware 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 mohdraquib/laravel-secure-middleware 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Change password for frontend users - Plugin to enable password change for frontend users. Contains configurable password rules and password change enforcement.
A simple package that adds the impersonate operation for admins
Tresholds Governor, aims to facilitate the protection of authentication against brute force and dictionary attacks
Laravel 5.x middleware to enforce https redirection for your app.
CCDN User Security Bundle
A Laravel library for Salesforce
统计信息
- 总下载量: 5
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 35
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-07-12