flowd/typo3-firewall

Firewall for TYPO3 - Firewall implements a PSR-15 middleware that helps to protect your website against malicious requests

Maintainers

Package info

github.com/flowd/typo3-firewall

Documentation

Type:typo3-cms-extension

pkg:composer/flowd/typo3-firewall

Transparency log

Statistics

Installs: 2 250

Dependents: 0

Suggesters: 0

Stars: 26

Open Issues: 4

0.4.0 2026-07-09 22:12 UTC

README

This extension adds a simple but powerful firewall to your TYPO3 site. It helps protect your website from unwanted traffic, bots, and attacks. You can block or limit requests based on IP, path, or other patterns.

It is built on top of the phirewall package.

Key Features

  • Block requests from specific IPs or patterns
  • Limit how often users can access certain pages (rate limiting)
  • Temporarily block users after repeated abuse (like Fail2Ban)
  • Easy to configure with PHP
  • Works with Redis, APCu, or in-memory cache

Installation

Install with Composer:

composer require flowd/typo3-firewall

Quick Start

Add a file at config/system/phirewall.php in your TYPO3 project. This example blocks requests to /wp_admin using APCu as the cache backend.

<?php
use Flowd\Phirewall\Config;
use Flowd\Phirewall\Store\ApcuCache;
use Psr\EventDispatcher\EventDispatcherInterface;

return function (EventDispatcherInterface $eventDispatcher): Config {
    $config = new Config(new ApcuCache(), $eventDispatcher);
    $config->blocklists->add(
        name: 'block-wp-admin',
        callback: fn($request) => str_starts_with(strtolower($request->getUri()->getPath()), '/wp_admin')
    );
    return $config;
};

Documentation