ircop / antiflood
Request flood protection for laravel
Installs: 22 127
Dependents: 1
Suggesters: 0
Security: 0
Stars: 20
Watchers: 1
Forks: 4
Open Issues: 1
Requires
- php: >=5.3
- laravel/framework: >=5.1
This package is not auto-updated.
Last update: 2024-12-21 19:58:09 UTC
README
This tool designed for simple limiting some user requests. It makes it easy to add some protection from DB ddos or bruteforce attack.
INSTALL
1: install via composer
composer require ircop/antiflood
2: add service provider to providers
array in config/app.php
:
Ircop\Antiflood\AntifloodServiceProvider::class,
3: add facade alias to aliases
array in config/app.php
:
'Antiflood' => Ircop\Antiflood\Facade\Antiflood::class,
Usage
Checking for record existance with given ident.
Ident can be ip-address, login, anything unique.
$maximum - is maximum allowed value for this ident. Default is 1.
\Antiflood::check( $ident, $maximum = 1 ); // Or with IP identity \Antiflood::checkIP( $maximum = 1 );
Putting record for given ident on given $minutes:
\Antiflood::put( $ident, $minutes = 10 ); // Or with IP identity \Antiflood::putIP( $minutes = 10 );
Examples:
Limiting wrong login attempts for given IP address:
This example limiting wrong login attempts from one ip-address to 5 tryes per 20 minutes:
public function postLogin()
{
$key = $_SERVER['REMOTE_ADDR'];
// If this ip has >= 5 failed login attempts in last 20 minutes, redirect user
// back with error:
if( \Antiflood::check( $key, 5 ) === FALSE )
return redirect()->back()->withErrors(['Too many login attempts! Try again later.']);
// ....
// ....
// ....
// After failed login put user ipaddr to antiflood cacte on 20 min.
// If there is no records with this ident, record will be added with value=1, else
// it will be increased.
\Antiflood::put( $key, 20 );
}
Limiting password recovery for 1 try per 30 min.
This code shows how to limit some functions like email, etc. to prevend flood from our server, for example.
public function postPasswordRecover()
{
$key = \Input::get('email');
if( \Antiflood::check( $key ) === FALSE )
return redirect()->back()->withErrors(['.....']);
// ....
// ....
// ....
\Antiflood::put( $key, 20 );
}