moox/firewall

Moox Firewall is a simple application level firewall for Laravel and Filament.

Maintainers

Details

github.com/mooxphp/firewall

Homepage

Source

Issues

Fund package maintenance!
mooxphp

Installs: 26

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 0

1.0.11 2025-08-07 07:35 UTC

Requires

Requires (Dev)

  • moox/devtools: *

MIT aff67326e7b4ff1108414f3b005013fb35ba8771

  • Moox Developer <dev.woop@moox.org>

firewalllaravellaravel packageMOOXfilamentMoox package

This package is auto-updated.

Last update: 2025-08-07 07:36:02 UTC

README

Moox Firewall

Moox Firewall

Moox Firewall allows you to secure your Laravel application by restricting access to whitelisted IP addresses.

For maintenance or emergency access, you can enable a temporary backdoor using a secret access token.

Moox Firewall provides an additional security layer on top of your existing authentication mechanisms. It strengthens access control but does not replace Multi-Factor Authentication (MFA) as defined by the BSI.

Support for MFA and modern Passkeys is planned for an upcoming release, see Roadmap for more

Features

  • Application level firewall
  • IP Whitelisting
  • Backdoor with Token

Installation

composer require moox/firewall

and publish the config, to activate and adjust Moox Firewall:

php artisan vendor:publish --tag="firewall-config"

Screenshot

Firewall Backdoor

Configuration

You can configure all things in firewall.php:

return [
    // Enable firewall?
    'enabled' => env('MOOX_FIREWALL_ENABLED', true),

    // Whitelist IP addresses
    'whitelist' => array_filter(explode(',', env('MOOX_FIREWALL_WHITELIST', ''))),

    // Logo to display on the firewall page
    'logo' => env('MOOX_FIREWALL_LOGO', 'img/logo.png'),

    // Backdoor allowed?
    'backdoor' => env('MOOX_FIREWALL_BACKDOOR', true),

    // Backdoor bypass token
    'backdoor_token' => env('MOOX_FIREWALL_BACKDOOR_TOKEN', 'let-me-in'),

    // Firewall page message
    'message' => env('MOOX_FIREWALL_MESSAGE', 'Moox Firewall'),

    // Firewall page color as hex
    'color' => env('MOOX_FIREWALL_COLOR', 'darkblue'),

    // Firewall page description
    'description' => env('MOOX_FIREWALL_DESCRIPTION', 'Please enter your access token to continue.'),
];

Usage

  1. After installation you need to global_enable the firewall
  2. Set config values or use your environment to adjust it to your needs
  3. Use the backdoor token to log in or append it to your URL like ?backdoor_token=let-me-in

Roadmap

See the ROADMAP for more.

Security

Please review our security policy on how to report security vulnerabilities.

License

The MIT License (MIT). Please see our license and copyright information for more information.