grazulex/laravel-safeguard

Configurable security checks for Laravel applications. Run safety audits on environment variables, configuration files, and hidden routes to prevent common mistakes before going live.

v1.3.0 2025-07-20 12:15 UTC

This package is auto-updated.

Last update: 2025-08-21 23:41:27 UTC


Laravel Safeguard

Comprehensive security auditing and threat detection system for Laravel applications. Real-time monitoring, automated security assessments, and detailed security reporting.

Overview

Laravel Safeguard is a comprehensive security auditing and threat detection system for Laravel applications. It provides real-time monitoring, automated security assessments, and detailed reporting to keep your application secure.

Perfect for enterprise applications, security-conscious projects, and applications requiring compliance with security standards.

🎯 Use Cases

Laravel Safeguard is perfect for:

  • Enterprise Applications - Comprehensive security monitoring
  • Financial Systems - Fraud detection and prevention
  • Healthcare Apps - HIPAA compliance and data protection
  • E-commerce - Transaction security and user protection
  • API Security - Rate limiting and abuse detection

✨ Features

  • 🚀 Real-time Monitoring - Live security event tracking and alerting
  • 🔍 Vulnerability Scanning - Automated security vulnerability detection
  • 🛡️ Intrusion Detection - Advanced threat detection algorithms
  • 📊 Security Dashboard - Comprehensive security metrics and reporting
  • 🚨 Alert System - Configurable alerts for security events
  • 🔐 Access Control - Role-based access control monitoring
  • 📋 Audit Logging - Detailed security event logging
  • 🎯 Rate Limiting - Advanced rate limiting with threat intelligence
  • ✅ Compliance Reporting - Generate compliance reports
  • 📈 Security Analytics - Deep security insights and trends
  • 🧪 Penetration Testing - Built-in security testing tools
  • ⚡ Performance Optimized - Minimal impact on application performance

📦 Installation

Install the package via Composer:

composer require grazulex/laravel-safeguard

💡 Auto-Discovery
The service provider will be automatically registered thanks to Laravel's package auto-discovery.

Publish configuration:

php artisan vendor:publish --tag=safeguard-config

🚀 Quick Start

1. Initialize Safeguard

php artisan safeguard:install

2. Configure Security Rules

// config/safeguard.php
return [
    'threat_detection' => [
        'enabled' => true,
        'sql_injection' => true,
        'xss_protection' => true,
        'brute_force' => true,
    ],
    
    'rate_limiting' => [
        'enabled' => true,
        'requests_per_minute' => 60,
        'burst_limit' => 100,
    ],
    
    'audit_logging' => [
        'enabled' => true,
        'log_failed_logins' => true,
        'log_data_access' => true,
    ],
];

3. Add Middleware Protection

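// app/Http/Kernel.php
// Note: a default Laravel 11+ skeleton has no Kernel.php; there, middleware
// is registered in bootstrap/app.php via ->withMiddleware().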
protected $middleware = [
    \Grazulex\LaravelSafeguard\Middleware\SecurityMonitor::class,
    \Grazulex\LaravelSafeguard\Middleware\ThreatDetection::class,
];

protected $middlewareGroups = [
    'web' => [
        \Grazulex\LaravelSafeguard\Middleware\RateLimiter::class,
    ],
    'api' => [
        \Grazulex\LaravelSafeguard\Middleware\ApiProtection::class,
    ],
];

4. Monitor Security Events

use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Get security dashboard data
$dashboard = Safeguard::dashboard();

// Check recent threats
$threats = Safeguard::getThreats(['last_24_hours' => true]);

// Generate security report
$report = Safeguard::generateReport('monthly');

// Get audit logs
$auditLogs = Safeguard::auditLogs()
    ->where('event_type', 'login_attempt')
    ->where('created_at', '>=', now()->subDays(7))
    ->get();

🔒 Security Auditing

Laravel Safeguard provides comprehensive security auditing:

// Enable automatic auditing
Safeguard::audit(User::class)->track([
    'created', 'updated', 'deleted',
    'login', 'logout', 'password_change'
]);

// Manual audit logging
Safeguard::log('user_data_access', [
    'user_id' => auth()->id(),
    'accessed_resource' => 'sensitive_data',
    'ip_address' => request()->ip(),
]);

// Security scanning
$vulnerabilities = Safeguard::scan([
    'sql_injection' => true,
    'xss_vulnerabilities' => true,
    'csrf_protection' => true,
    'security_headers' => true,
]);

🚨 Threat Detection

Advanced threat detection capabilities:

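use App\Mail\SecurityAlert; // application-defined Mailable (assumed to exist)
use Grazulex\LaravelSafeguard\Facades\Safeguard;
use Grazulex\LaravelSafeguard\ThreatDetection\Detectors;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Mail;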

// Configure threat detectors
Safeguard::threats()->register([
    Detectors\SqlInjectionDetector::class,
    Detectors\XssDetector::class,
    Detectors\BruteForceDetector::class,
    Detectors\SuspiciousActivityDetector::class,
]);

// Real-time threat monitoring
Safeguard::threats()->monitor(function ($threat) {
    // Log threat
    Log::warning('Security threat detected', [
        'type' => $threat->getType(),
        'severity' => $threat->getSeverity(),
        'details' => $threat->getDetails(),
    ]);
    
    // Send alert
    if ($threat->getSeverity() === 'high') {
        Mail::to('security@company.com')->send(
            new SecurityAlert($threat)
        );
    }
});

📊 Security Dashboard

Built-in security dashboard with comprehensive metrics:

// Access dashboard data
$dashboard = Safeguard::dashboard()->getData();

// Dashboard metrics include:
// - Threat detection statistics
// - Failed login attempts
// - Rate limiting statistics
// - Vulnerability scan results
// - Audit log summaries
// - Security score and trends

// Custom dashboard widgets
Safeguard::dashboard()->addWidget('custom_security_metric', function () {
    return [
        'title' => 'Custom Security Metric',
        'value' => $this->calculateCustomMetric(),
        'trend' => 'up',
        'color' => 'green',
    ];
});

⚙️ Configuration

Laravel Safeguard provides extensive configuration options:

// config/safeguard.php
return [
    'monitoring' => [
        'enabled' => true,
        'real_time_alerts' => true,
        'threat_intelligence' => true,
    ],
    
    'detection_rules' => [
        'sql_injection' => ['enabled' => true, 'sensitivity' => 'high'],
        'xss_protection' => ['enabled' => true, 'sanitize' => true],
        'brute_force' => ['enabled' => true, 'max_attempts' => 5],
    ],
    
    'compliance' => [
        'gdpr' => true,
        'hipaa' => false,
        'pci_dss' => true,
    ],
];
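
What a threshold like `'brute_force' => ['max_attempts' => 5]` means in practice, as an added example that is not part of the package: a stand-alone sliding-window detector run over constructed login events. The function name, the 300-second window, the reset on successful login, and the event shape are assumptions, since the page does not specify them.

```php
<?php
declare(strict_types=1);

// Added example, not package code. An IP is flagged once it accumulates
// $maxAttempts failed logins inside a sliding window; a successful login
// clears its history. The 300 s window and the event shape are assumptions.
function detectBruteForce(array $events, int $maxAttempts = 5, int $windowSeconds = 300): array
{
    usort($events, fn (array $a, array $b) => $a['ts'] <=> $b['ts']);
    $failures = []; // ip => failure timestamps still inside the window
    $flagged  = []; // ip => timestamp at which the threshold was first reached

    foreach ($events as $e) {
        $ip = $e['ip'];
        if ($e['success']) {
            unset($failures[$ip]); // a legitimate login resets the counter
            continue;
        }
        $failures[$ip][] = $e['ts'];
        // Drop failures that have aged out of the window.
        $failures[$ip] = array_values(array_filter(
            $failures[$ip],
            fn (int $t) => $t > $e['ts'] - $windowSeconds
        ));
        if (count($failures[$ip]) >= $maxAttempts && !isset($flagged[$ip])) {
            $flagged[$ip] = $e['ts'];
        }
    }
    return $flagged;
}

// Constructed sample events: [ip, seconds after $t0, success].
$t0 = 1_700_000_000;
$rows = [
    ['203.0.113.7', 0, false], ['203.0.113.7', 20, false], ['203.0.113.7', 40, false],
    ['203.0.113.7', 60, false], ['203.0.113.7', 80, false],          // 5 failures in 80 s
    ['198.51.100.4', 0, false], ['198.51.100.4', 400, false], ['198.51.100.4', 800, false],
    ['198.51.100.4', 1200, false], ['198.51.100.4', 1600, false],    // 5 failures, spread out
    ['192.0.2.9', 0, false], ['192.0.2.9', 10, false], ['192.0.2.9', 20, false],
    ['192.0.2.9', 30, false], ['192.0.2.9', 40, true], ['192.0.2.9', 50, false], // reset by success
];
$events = array_map(
    fn (array $r) => ['ip' => $r[0], 'ts' => $t0 + $r[1], 'success' => $r[2]],
    $rows
);

print_r(detectBruteForce($events));
```

The same failure count produces different verdicts depending on the window, so the threshold and the window should be tuned and documented together.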

📚 Documentation

For detailed documentation, examples, and advanced usage:

💡 Examples

Basic Security Monitoring

use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Enable monitoring for specific models
class User extends Model
{
    use \Grazulex\LaravelSafeguard\Traits\Auditable;
    
    protected $auditableEvents = ['created', 'updated', 'login'];
}

// Monitor API endpoints
Route::middleware(['safeguard.monitor'])->group(function () {
    Route::get('/api/sensitive-data', [ApiController::class, 'getData']);
});

// Custom threat detection
Safeguard::threats()->detect('custom_threat', function ($request) {
    return $request->has('suspicious_parameter');
});

Advanced Security Configuration

// Custom security rules
Safeguard::rules()->add('financial_transaction', [
    'min_amount' => 0.01,
    'max_amount' => 10000,
    'require_2fa' => true,
    'suspicious_patterns' => [
        'rapid_succession' => true,
        'unusual_amounts' => true,
    ],
]);

// Security event handling
Safeguard::events()->listen('threat_detected', function ($threat) {
    // Automatically block suspicious IPs
    if ($threat->getSeverity() === 'critical') {
        Safeguard::firewall()->block($threat->getIpAddress());
    }
});

See the wiki for more examples.

🧪 Testing

Laravel Safeguard includes security testing utilities:

use Grazulex\LaravelSafeguard\Testing\SecurityTester;
use Tests\TestCase;

// The class name is illustrative; place the methods in any feature test class.
class SecurityTest extends TestCase
{
    public function test_sql_injection_protection(): void
    {
        SecurityTester::make()
            ->attemptSqlInjection('/api/users?id=1; DROP TABLE users;--')
            ->assertBlocked()
            ->assertThreatLogged('sql_injection');
    }

    public function test_rate_limiting(): void
    {
        SecurityTester::make()
            ->simulateRequests('/api/endpoint', 100)
            ->assertRateLimited()
            ->assertAuditLogged();
    }
}
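
Whether a burst test of a given size trips the limiter depends on how `requests_per_minute` and `burst_limit` combine, which the page does not specify. The following added example (not package code) models one common interpretation, a token bucket with capacity `burst_limit` refilled at `requests_per_minute / 60` tokens per second; the class and function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Added example, not package code. Assumed semantics: token bucket whose
// capacity is burst_limit and whose refill rate is requests_per_minute / 60.
final class TokenBucket
{
    private float $tokens;
    private float $last;

    public function __construct(
        private readonly int $requestsPerMinute,
        private readonly int $burstLimit,
        float $now = 0.0,
    ) {
        $this->tokens = (float) $burstLimit; // the bucket starts full
        $this->last   = $now;
    }

    /** Returns true when a request arriving at $now (seconds) is allowed. */
    public function allow(float $now): bool
    {
        $elapsed      = max(0.0, $now - $this->last);
        $refilled     = $this->tokens + $elapsed * $this->requestsPerMinute / 60;
        $this->tokens = min((float) $this->burstLimit, $refilled);
        $this->last   = $now;
        if ($this->tokens < 1.0) {
            return false; // bucket empty: the request is rate limited
        }
        $this->tokens -= 1.0;
        return true;
    }
}

/** Counts how many of $n requests spaced $gap seconds apart are allowed. */
function allowedCount(TokenBucket $bucket, int $n, float $gap): int
{
    $allowed = 0;
    for ($i = 0; $i < $n; $i++) {
        $allowed += $bucket->allow($i * $gap) ? 1 : 0;
    }
    return $allowed;
}

// Values from the Quick Start config: 60 requests/minute, burst of 100.
echo allowedCount(new TokenBucket(60, 100), 100, 0.0), "\n"; // back-to-back burst of 100
echo allowedCount(new TokenBucket(60, 100), 150, 0.0), "\n"; // back-to-back burst of 150
echo allowedCount(new TokenBucket(60, 100), 150, 1.0), "\n"; // steady 1 request/second
```

When writing rate-limit tests, size the simulated burst above the configured burst capacity, or assert on the first rejected request, so the test does not pass or fail by accident of the limiter's algorithm.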

🔧 Requirements

  • PHP: ^8.3
  • Laravel: ^12.0
  • Carbon: ^3.10

🚀 Performance

Laravel Safeguard is optimized for performance:

  • Minimal Overhead: Less than 2ms additional request time
  • Efficient Monitoring: Asynchronous threat detection
  • Caching: Security rules and patterns are cached
  • Database Optimized: Efficient audit log storage

🤝 Contributing

We welcome contributions! Please see our Contributing Guide for details.

🔒 Security

If you discover a security vulnerability, please review our Security Policy before disclosing it.

📄 License

Laravel Safeguard is open-sourced software licensed under the MIT license.

Made with ❤️ for the Laravel community
