bdsa/wafy

A Laravel package to automatically ban IP addresses and detect malicious requests.

Maintainers

Package info

github.com/tomakakwark/wafy

pkg:composer/bdsa/wafy

Statistics

Installs: 31

Dependents: 0

Suggesters: 0

Stars: 1

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

1.2.4 2026-03-20 15:08 UTC

Requires

Requires (Dev)

MIT d8eca6d334eb0efabb0f6873c221de6c7cf91bf9

  • Bdsa <wafy.woop@bdsa.agency>

This package is not auto-updated.

Last update: 2026-04-17 15:38:28 UTC

README

License PHP Laravel

Wafy is a robust Laravel package developed by Bdsa designed to automatically ban IP addresses and detect malicious requests, including SQL Injection, XSS, and more.

Features

  • 🛡️ IP Banning: Automatically block IPs engaging in suspicious activity.
  • 🕵️ Malicious Request Detection: Detects SQLi, XSS, LFI, and RCE attempts.
  • ⏱️ Temporary & Permanent Bans: Configurable ban durations.
  • ⚙️ Customizable Patterns: Define your own regex patterns for detection.
  • 🖥️ Artisan Commands: Easily manage banned IPs via CLI.

Installation

1. Require with Composer

Add the package to your project:

composer require bdsa/wafy

2. Publish Configuration

Publish the configuration file and migrations:

php artisan vendor:publish --provider="Bdsa\Wafy\WafyServiceProvider"

3. Run Migrations

Create the banned_ips table:

php artisan migrate

Usage

Middleware

Wafy provides two key middlewares : BlockBannedIp & DetectMaliciousRequests.

Protecting Routes

Apply the middleware to your routes or groups:

use Bdsa\Wafy\Middleware\BlockBannedIp;
use Bdsa\Wafy\Middleware\DetectMaliciousRequests;

Route::group(['middleware' => ['block.banned.ip', 'detect.malicious.requests']], function () {
    Route::get('/', function () {
        return view('welcome');
    });
    
    // Your protected routes
});

Artisan Commands

Manage banned IPs directly from the terminal:

  • Ban an IP manually:

    php artisan wafy:ban {ip_address} [--reason="Your reason"]

  • Unban an IP:

    php artisan wafy:unban {ip_address}

  • List all banned IPs:

    php artisan wafy:list

  • Enable/Disable WAF:

    php artisan wafy:mode {enable|disable}

  • Set Action Mode (Block or Log-Only):

    php artisan wafy:action {block|log}

Configuration

The configuration file is located at config/wafy.php. You can customize the detection patterns here.

Default protection covers:

  • SQL Injection (SQLi): UNION SELECT, common SQL verbs, hex encoding.
  • Local File Inclusion (LFI): Directory traversal (../), system files (/etc/passwd).
  • Cross-Site Scripting (XSS): Script tags, event handlers (onload, onerror).
  • Remote Code Execution (RCE): Shell commands (cat, wget), PHP execution functions.

Example config/wafy.php:

return [
    'enabled' => env('WAFY_ENABLED', true),
    'patterns' => [
        '/(union(\s+all)?\s+select)/i',
        '/(select\s+.*\s+from|delete\s+from|update\s+.*\s+set)/i',
        '/(<script.*?>.*?<\/script>)/is',
        // Add your custom patterns here
    ],
    'allowed_ips' => [
        '127.0.0.1', // Localhost
        '192.168.1.1', // Office IP
    ],
    'notifications' => [
        'enabled' => env('WAFY_NOTIFICATIONS_ENABLED', false),
        'channels' => ['mail'], // Choose 'mail', 'slack' or both
        'email' => env('WAFY_NOTIFICATION_EMAIL', 'admin@example.com'),
        'slack_webhook' => env('WAFY_SLACK_WEBHOOK', ''),
    ],
];

Testing

To run the package tests:

vendor/bin/phpunit

License

This project is licensed under the MIT License.