grazulex/laravel-safeguard
Latest stable version: v1.3.0
Composer install command:
composer require grazulex/laravel-safeguard
Package description
Configurable security checks for Laravel applications. Run safety audits on environment variables, configuration files, and hidden routes to prevent common mistakes before going live.
README
Comprehensive security auditing and threat detection system for Laravel applications. Real-time monitoring, automated security assessments, and detailed security reporting.
📖 Table of Contents
- Overview
- ✨ Features
- 📦 Installation
- 🚀 Quick Start
- 🔒 Security Auditing
- 🚨 Threat Detection
- 📊 Security Dashboard
- ⚙️ Configuration
- 📚 Documentation
- 💡 Examples
- 🧪 Testing
- 🔧 Requirements
- 🚀 Performance
- 🤝 Contributing
- 🔒 Security
- 📄 License
Overview
Laravel Safeguard is a comprehensive security auditing and threat detection system for Laravel applications. It provides real-time monitoring, automated security assessments, and detailed reporting to keep your application secure.
Perfect for enterprise applications, security-conscious projects, and applications requiring compliance with security standards.
🎯 Use Cases
Laravel Safeguard is perfect for:
- Enterprise Applications - Comprehensive security monitoring
- Financial Systems - Fraud detection and prevention
- Healthcare Apps - HIPAA compliance and data protection
- E-commerce - Transaction security and user protection
- API Security - Rate limiting and abuse detection
✨ Features
- 🚀 Real-time Monitoring - Live security event tracking and alerting
- 🔍 Vulnerability Scanning - Automated security vulnerability detection
- 🛡️ Intrusion Detection - Advanced threat detection algorithms
- 📊 Security Dashboard - Comprehensive security metrics and reporting
- 🚨 Alert System - Configurable alerts for security events
- 🔐 Access Control - Role-based access control monitoring
- 📋 Audit Logging - Detailed security event logging
- 🎯 Rate Limiting - Advanced rate limiting with threat intelligence
- ✅ Compliance Reporting - Generate compliance reports
- 📈 Security Analytics - Deep security insights and trends
- 🧪 Penetration Testing - Built-in security testing tools
- ⚡ Performance Optimized - Minimal impact on application performance
📦 Installation
Install the package via Composer:
composer require grazulex/laravel-safeguard
💡 Auto-Discovery
The service provider will be automatically registered thanks to Laravel's package auto-discovery.
Publish configuration:
php artisan vendor:publish --tag=safeguard-config
🚀 Quick Start
1. Initialize Safeguard
php artisan safeguard:install
2. Configure Security Rules
```php
// config/safeguard.php
return [
    'threat_detection' => [
        'enabled' => true,
        'sql_injection' => true,
        'xss_protection' => true,
        'brute_force' => true,
    ],
    'rate_limiting' => [
        'enabled' => true,
        'requests_per_minute' => 60,
        'burst_limit' => 100,
    ],
    'audit_logging' => [
        'enabled' => true,
        'log_failed_logins' => true,
        'log_data_access' => true,
    ],
];
```
3. Add Middleware Protection
```php
// app/Http/Kernel.php
// Note: Laravel 11 and later no longer ship this file by default; there,
// register the same middleware classes in bootstrap/app.php via withMiddleware().
protected $middleware = [
    \Grazulex\LaravelSafeguard\Middleware\SecurityMonitor::class,
    \Grazulex\LaravelSafeguard\Middleware\ThreatDetection::class,
];

protected $middlewareGroups = [
    'web' => [
        \Grazulex\LaravelSafeguard\Middleware\RateLimiter::class,
    ],
    'api' => [
        \Grazulex\LaravelSafeguard\Middleware\ApiProtection::class,
    ],
];
```
4. Monitor Security Events
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Get security dashboard data
$dashboard = Safeguard::dashboard();

// Check recent threats
$threats = Safeguard::getThreats(['last_24_hours' => true]);

// Generate security report
$report = Safeguard::generateReport('monthly');

// Get audit logs
$auditLogs = Safeguard::auditLogs()
    ->where('event_type', 'login_attempt')
    ->where('created_at', '>=', now()->subDays(7))
    ->get();
```
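To show how the two `rate_limiting` values from step 2 can interact, here is an added plain-PHP token bucket; it is not code from laravel-safeguard. It assumes `requests_per_minute` is the sustained refill rate and `burst_limit` is the bucket capacity, and the `TokenBucket` class and `countAllowed()` helper are hypothetical names.

```php
<?php
// Added illustration, not laravel-safeguard code. Assumed interpretation:
// 'requests_per_minute' = sustained refill rate, 'burst_limit' = bucket capacity.
final class TokenBucket
{
    private float $tokens;
    private float $last;

    public function __construct(
        private int $requestsPerMinute,
        private int $burstLimit,
        float $now
    ) {
        $this->tokens = $burstLimit; // a new client starts with a full bucket
        $this->last = $now;
    }

    public function allow(float $now): bool
    {
        // Refill in proportion to elapsed time, capped at the burst limit.
        $elapsed = max(0.0, $now - $this->last);
        $this->last = $now;
        $refill = $elapsed * $this->requestsPerMinute / 60;
        $this->tokens = min((float) $this->burstLimit, $this->tokens + $refill);

        if ($this->tokens < 1.0) {
            return false; // over the limit: reject (HTTP 429 in a real middleware)
        }
        $this->tokens -= 1.0;
        return true;
    }
}

// Count how many of $n requests arriving at the same instant are allowed.
function countAllowed(TokenBucket $bucket, int $n, float $at): int
{
    $allowed = 0;
    for ($i = 0; $i < $n; $i++) {
        $allowed += $bucket->allow($at) ? 1 : 0;
    }
    return $allowed;
}

// Constructed scenario using the values from config/safeguard.php above.
$bucket = new TokenBucket(60, 100, 0.0);
echo countAllowed($bucket, 150, 0.0), "\n";  // burst of 150 at t=0: 100 pass
echo countAllowed($bucket, 20, 10.0), "\n";  // 10 s later: 10 tokens refilled, 10 pass
```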
🔒 Security Auditing
Laravel Safeguard provides comprehensive security auditing:
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Enable automatic auditing
Safeguard::audit(User::class)->track([
    'created', 'updated', 'deleted', 'login', 'logout', 'password_change'
]);

// Manual audit logging
Safeguard::log('user_data_access', [
    'user_id' => auth()->id(),
    'accessed_resource' => 'sensitive_data',
    'ip_address' => request()->ip(),
]);

// Security scanning
$vulnerabilities = Safeguard::scan([
    'sql_injection' => true,
    'xss_vulnerabilities' => true,
    'csrf_protection' => true,
    'security_headers' => true,
]);
```
🚨 Threat Detection
Advanced threat detection capabilities:
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;
use Grazulex\LaravelSafeguard\ThreatDetection\Detectors;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Mail;

// Configure threat detectors
Safeguard::threats()->register([
    Detectors\SqlInjectionDetector::class,
    Detectors\XssDetector::class,
    Detectors\BruteForceDetector::class,
    Detectors\SuspiciousActivityDetector::class,
]);

// Real-time threat monitoring
Safeguard::threats()->monitor(function ($threat) {
    // Log threat
    Log::warning('Security threat detected', [
        'type' => $threat->getType(),
        'severity' => $threat->getSeverity(),
        'details' => $threat->getDetails(),
    ]);

    // Send alert (SecurityAlert is a Mailable class not shown in this README)
    if ($threat->getSeverity() === 'high') {
        Mail::to('security@company.com')->send(
            new SecurityAlert($threat)
        );
    }
});
```
📊 Security Dashboard
Built-in security dashboard with comprehensive metrics:
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Access dashboard data
$dashboard = Safeguard::dashboard()->getData();

// Dashboard metrics include:
// - Threat detection statistics
// - Failed login attempts
// - Rate limiting statistics
// - Vulnerability scan results
// - Audit log summaries
// - Security score and trends

// Custom dashboard widgets
Safeguard::dashboard()->addWidget('custom_security_metric', function () {
    return [
        'title' => 'Custom Security Metric',
        'value' => $this->calculateCustomMetric(),
        'trend' => 'up',
        'color' => 'green',
    ];
});
```
⚙️ Configuration
Laravel Safeguard provides extensive configuration options:
```php
// config/safeguard.php
return [
    'monitoring' => [
        'enabled' => true,
        'real_time_alerts' => true,
        'threat_intelligence' => true,
    ],
    'detection_rules' => [
        'sql_injection' => ['enabled' => true, 'sensitivity' => 'high'],
        'xss_protection' => ['enabled' => true, 'sanitize' => true],
        'brute_force' => ['enabled' => true, 'max_attempts' => 5],
    ],
    'compliance' => [
        'gdpr' => true,
        'hipaa' => false,
        'pci_dss' => true,
    ],
];
```
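As an added illustration of what a `brute_force` rule with `max_attempts => 5` has to decide, the following plain-PHP sketch counts failed logins per IP in a sliding window over constructed audit events. It is not laravel-safeguard's implementation; the 300-second window, the event shape and the `detectBruteForce()` name are assumptions, since the page gives only the attempt threshold.

```php
<?php
// Added illustration, not laravel-safeguard code.
const MAX_ATTEMPTS = 5;      // from 'brute_force' => ['max_attempts' => 5]
const WINDOW_SECONDS = 300;  // assumption: the page does not state a window

/**
 * @param array<int, array{ts:int, ip:string, ok:bool}> $events sorted by ts
 * @return array<string,int> ip => timestamp at which the threshold was first reached
 */
function detectBruteForce(array $events): array
{
    $failures = []; // ip => failure timestamps still inside the window
    $flagged = [];
    foreach ($events as $e) {
        $ip = $e['ip'];
        if ($e['ok']) {
            unset($failures[$ip]); // a successful login clears the counter
            continue;
        }
        $failures[$ip][] = $e['ts'];
        // Drop failures that have aged out of the window.
        $cutoff = $e['ts'] - WINDOW_SECONDS;
        $failures[$ip] = array_values(array_filter(
            $failures[$ip],
            fn (int $t): bool => $t > $cutoff
        ));
        if (count($failures[$ip]) >= MAX_ATTEMPTS && !isset($flagged[$ip])) {
            $flagged[$ip] = $e['ts'];
        }
    }
    return $flagged;
}

// Constructed sample events (documentation IP ranges, invented timestamps).
$events = [];
foreach ([0, 10, 20, 30, 40] as $t) {        // 5 failures within 40 s
    $events[] = ['ts' => 1000 + $t, 'ip' => '203.0.113.7', 'ok' => false];
}
foreach ([0, 400, 800, 1200, 1600] as $t) {  // 5 failures, each 400 s apart
    $events[] = ['ts' => 1000 + $t, 'ip' => '198.51.100.4', 'ok' => false];
}
usort($events, fn (array $a, array $b): int => $a['ts'] <=> $b['ts']);

print_r(detectBruteForce($events)); // only 203.0.113.7 is flagged, at ts 1040
```

Keying on the source IP alone misses guessing that is spread across many addresses; counting failures per target account as well covers that case.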
📚 Documentation
For detailed documentation, examples, and advanced usage:
💡 Examples
Basic Security Monitoring
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Route;

// Enable monitoring for specific models
class User extends Model
{
    use \Grazulex\LaravelSafeguard\Traits\Auditable;

    protected $auditableEvents = ['created', 'updated', 'login'];
}

// Monitor API endpoints
Route::middleware(['safeguard.monitor'])->group(function () {
    Route::get('/api/sensitive-data', [ApiController::class, 'getData']);
});

// Custom threat detection
Safeguard::threats()->detect('custom_threat', function ($request) {
    return $request->has('suspicious_parameter');
});
```
Advanced Security Configuration
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Custom security rules
Safeguard::rules()->add('financial_transaction', [
    'min_amount' => 0.01,
    'max_amount' => 10000,
    'require_2fa' => true,
    'suspicious_patterns' => [
        'rapid_succession' => true,
        'unusual_amounts' => true,
    ],
]);

// Security event handling
Safeguard::events()->listen('threat_detected', function ($threat) {
    // Automatically block suspicious IPs
    if ($threat->getSeverity() === 'critical') {
        Safeguard::firewall()->block($threat->getIpAddress());
    }
});
```
Check out the examples on the wiki for more examples.
🧪 Testing
Laravel Safeguard includes security testing utilities:
```php
use Grazulex\LaravelSafeguard\Testing\SecurityTester;

public function test_sql_injection_protection()
{
    SecurityTester::make()
        ->attemptSqlInjection('/api/users?id=1; DROP TABLE users;--')
        ->assertBlocked()
        ->assertThreatLogged('sql_injection');
}

public function test_rate_limiting()
{
    SecurityTester::make()
        ->simulateRequests('/api/endpoint', 100)
        ->assertRateLimited()
        ->assertAuditLogged();
}
```
🔧 Requirements
- PHP: ^8.3
- Laravel: ^12.0
- Carbon: ^3.10
🚀 Performance
Laravel Safeguard is optimized for performance:
- Minimal Overhead: Less than 2ms additional request time
- Efficient Monitoring: Asynchronous threat detection
- Caching: Security rules and patterns are cached
- Database Optimized: Efficient audit log storage
🤝 Contributing
We welcome contributions! Please see our Contributing Guide for details.
🔒 Security
If you discover a security vulnerability, please review our Security Policy before disclosing it.
📄 License
Laravel Safeguard is open-sourced software licensed under the MIT license.
Made with ❤️ for the Laravel community
Resources
Community Links
- CODE_OF_CONDUCT.md - Our code of conduct
- CONTRIBUTING.md - How to contribute
- SECURITY.md - Security policy
- RELEASES.md - Release notes and changelog
Statistics
- Total downloads: 11
- Monthly downloads: 0
- Daily downloads: 0
- Favorites: 10
- Views: 1
- Dependents: 0
- Recommendations: 0
Other information
- License: MIT
- Last updated: 2025-07-17
