nexxai/laravel-cfcache

A handful of Cloudflare cache helpers for Laravel

Maintainers

Details

github.com/nexxai/laravel-cfcache

Source

Issues

Installs: 223

Dependents: 0

Suggesters: 0

Security: 0

Stars: 93

Watchers: 7

Forks: 2

Open Issues: 1

pkg:composer/nexxai/laravel-cfcache

v0.3.0 2025-10-26 21:26 UTC

Requires

Requires (Dev)

MIT c242da3a04cc6f3e1c62b8c31e5c87bd3ec64f37

cachelaravelcloudflare

This package is auto-updated.

Last update: 2025-10-31 02:08:55 UTC

README

Build Status Latest Stable Version License

Laravel Cloudflare Cache

This package is a WIP. It currently contains a command to generate the expression for a Cloudflare security rule for your Laravel application routes.

Requirements

A Laravel application running Laravel 12 or higher. Not running a stable version of Laravel? Upgrade with Shift.

Installation

You can install this package by running the following command:

composer require -W nexxai/laravel-cfcache

To publish the configuration file (only needed when using the --sync argument):

php artisan vendor:publish --tag=cf-waf-rule-config

Documentation

Cloudflare API Configuration

To use the automatic sync feature, you need to configure your Cloudflare API credentials. Add the following to your .env file:

CF_WAF_API_TOKEN=your-api-token-here
CF_WAF_ZONE_ID=your-zone-id-here

Getting Your Cloudflare Credentials

  1. API Token:

    • Go to Cloudflare Dashboard
    • Click "Create Token"
    • Use the "Custom token" template
    • Grant the following permissions:
      • Zone -> Firewall Services -> Edit
    • Include your specific zone in the Zone Resources
    • Create the token and copy it to your .env file

  2. Zone ID:

    • Go to your domain's overview page in Cloudflare
    • Find the Zone ID in the right sidebar under "API"
    • Copy it to your .env file

Cloudflare Security / WAF rule

This command was inspired by Jason McCreary's tweet: https://x.com/gonedark/status/1978458884948775294

Basic Usage

Generate the WAF rule expression:

php artisan cloudflare:waf-rule

Once generated, you can copy and paste the expression into your domain's security rules (Security -> Security Rules -> Create Rule -> Custom Rule -> Edit expression)

Sync to Cloudflare API

Automatically create or update the WAF rule in Cloudflare:

php artisan cloudflare:waf-rule --sync

Advanced Configuration

After publishing the configuration file, you can customize additional settings in config/cf-waf-rule.php:

return [
    'api' => [
        'token' => env('CF_WAF_API_TOKEN'),
        'zone_id' => env('CF_WAF_ZONE_ID'),
    ],

    'waf' => [
        'rule_identifier' => env('CF_WAF_RULE_ID', 'laravel-waf-rule'),
        'rule_description' => env('CF_WAF_RULE_DESCRIPTION', 'Valid Laravel Routes'),
        'rule_action' => env('CF_WAF_RULE_ACTION', 'block'),
    ],

    'settings' => [
        'timeout' => env('CF_WAF_API_TIMEOUT', 30),
        'retry_attempts' => env('CF_WAF_API_RETRY_ATTEMPTS', 3),
    ],
];

Available Rule Actions

  • block - Block the request entirely
  • challenge - Present a challenge to the visitor
  • js_challenge - Present a JavaScript challenge
  • managed_challenge - Use Cloudflare's managed challenge
  • allow - Allow the request
  • log - Log the request without taking action
  • bypass - Bypass all security features

Contributing

Contributions to this project are welcome. You may open a Pull Request against the main branch. Please ensure you write a clear description (ideally with code samples) and all workflows are passing.