skydiver/laravel-route-blocker
Composer 安装命令:
composer require skydiver/laravel-route-blocker
包简介
Block routes by IP
README 文档
README
Block routes by IP
(inspired on Laravel Firewall)
Requirements
Laravel 5.x, 6.x, 7.x and 8.x
Installation
-
To install through composer, run the following command from terminal:
$ composer require skydiver/laravel-route-blocker
-
Publish the config file:
Run the following command to publish the package config file:
$ php artisan vendor:publish --tag=LaravelRouteBlocker
Still using Laravel 5.4 or below?
Please add service provider to your config/app.php providers array:
'providers' => [ ... Skydiver\LaravelRouteBlocker\LaravelRouteBlockerServiceProvider::class, ]
Usage
- Register middlewares in
app/Http/Kernel.phpon$routeMiddlewarearray:'blacklist' => \Skydiver\LaravelRouteBlocker\Middleware\BlacklistMiddleware::class, 'whitelist' => \Skydiver\LaravelRouteBlocker\Middleware\WhitelistMiddleware::class,
- Blacklist allows all traffic except matching rules.
- Whitelist blocks all traffic except matching rules.
- You can register both or just a single middleware.
-
Create a config group on
config/laravel-route-blocker.phpand insert your allowed/blocked IPs:'whitelist' => [ 'my_group' => [ '127.0.0.1', '192.168.17.0', '10.0.1.*' ], 'another_group' => [ '8.8.8.*' ], ], 'blacklist' => [ 'blocked_ips' => [ '127.0.0.1', '192.168.100.0', ], 'blocked_ips2' => [ '8.8.8.8', ], ],- You can create as many blacklist/whitelists groups as you wish and protect differents set of routes with differents IPs
Also, you can configure to throw an HTTP status code or redirect to a custom URL:
'redirect_to' => '', // URL TO REDIRECT IF BLOCKED (LEAVE BLANK TO THROW STATUS) 'response_status' => 403, // STATUS CODE (403, 404 ...) 'response_message' => '' // MESSAGE (COMBINED WITH STATUS CODE) -
Put your protected routes inside a group and specify the whitelist parameter:
// Only IPs matched on "my_group" will be allowed to access route Route::group(['middleware' => 'whitelist:my_group'], function() { Route::get('/demo', function () { return "DEMO"; }); }); // Only IPs matched on "my_group" will be blocked to access route Route::group(['middleware' => 'blacklist:blocked_ips'], function() { Route::get('/private', function () { return "Private Page"; }); });
Artisan Commands
-
To get a list of current IPs groups run:
$ php artisan route:blocks:groups+-----------------+--------------+-----------+ | Group | IP | Type | +-----------------+--------------+-----------+ | allowed_group_1 | 127.0.0.1 | whitelist | | allowed_group_1 | 127.0.0.2 | whitelist | | allowed_group_1 | 192.168.17.0 | whitelist | | allowed_group_1 | 10.0.0.* | whitelist | | allowed_group_2 | 8.8.8.8 | whitelist | | allowed_group_2 | 8.8.8.* | whitelist | | allowed_group_2 | 8.8.4.4 | whitelist | | blocked_ips_1 | 127.0.0.1 | blacklist | | blocked_ips_1 | 127.0.0.2 | blacklist | | blocked_ips_1 | 192.168.17.0 | blacklist | | blocked_ips_1 | 10.0.0.* | blacklist | | blocked_ips_2 | 8.8.8.8 | blacklist | | blocked_ips_2 | 8.8.8.* | blacklist | | blocked_ips_2 | 8.8.4.4 | blacklist | +-----------------+--------------+-----------+
Testing
To manually run test suite:
vendor/bin/phpunit --verbose
Test files inside tests/Feature should be run by GitHub action only.
skydiver/laravel-route-blocker 适用场景与选型建议
skydiver/laravel-route-blocker 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 76.76k 次下载、GitHub Stars 达 81, 最近一次更新时间为 2016 年 02 月 06 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「php」 「security」 「routes」 「block」 「laravel」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 skydiver/laravel-route-blocker 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 skydiver/laravel-route-blocker 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 skydiver/laravel-route-blocker 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Generates a Blade directive exporting all of your named Laravel routes. Also provides a nice route() helper function in JavaScript.
Provides caching methods which can be easily used for caching routes.
Provide a way to secure accesses to all routes of an symfony application.
It's a barebone security class written on PHP
Contao CMS integrity check for some files
A PHP security linter to detect insecure functions like var_dump, print_r, and other dangerous functions in your codebase
统计信息
- 总下载量: 76.76k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 82
- 点击次数: 8
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2016-02-06