Package Data | |
---|---|
Maintainer Username: | ircop |
Maintainer Contact: | wingman@ip-home.net (wingman) |
Package Create Date: | 2015-11-12 |
Package Last Update: | 2017-07-28 |
Language: | PHP |
License: | GPLv2 |
Last Refreshed: | 2024-12-19 03:21:26 |
Package Statistics | |
---|---|
Total Downloads: | 22,102 |
Monthly Downloads: | 281 |
Daily Downloads: | 12 |
Total Stars: | 20 |
Total Watchers: | 1 |
Total Forks: | 4 |
Total Open Issues: | 1 |
This tool designed for simple limiting some user requests. It makes it easy to add some protection from DB ddos or bruteforce attack.
1: install via composer
composer require ircop/antiflood
2: add service provider to providers
array in config/app.php
:
Ircop\Antiflood\AntifloodServiceProvider::class,
3: add facade alias to aliases
array in config/app.php
:
'Antiflood' => Ircop\Antiflood\Facade\Antiflood::class,
Checking for record existance with given ident.
Ident can be ip-address, login, anything unique.
$maximum - is maximum allowed value for this ident. Default is 1.
\Antiflood::check( $ident, $maximum = 1 );
// Or with IP identity
\Antiflood::checkIP( $maximum = 1 );
Putting record for given ident on given $minutes:
\Antiflood::put( $ident, $minutes = 10 );
// Or with IP identity
\Antiflood::putIP( $minutes = 10 );
This example limiting wrong login attempts from one ip-address to 5 tryes per 20 minutes:
public function postLogin()
{
$key = $_SERVER['REMOTE_ADDR'];
// If this ip has >= 5 failed login attempts in last 20 minutes, redirect user
// back with error:
if( \Antiflood::check( $key, 5 ) === FALSE )
return redirect()->back()->withErrors(['Too many login attempts! Try again later.']);
// ....
// ....
// ....
// After failed login put user ipaddr to antiflood cacte on 20 min.
// If there is no records with this ident, record will be added with value=1, else
// it will be increased.
\Antiflood::put( $key, 20 );
}
This code shows how to limit some functions like email, etc. to prevend flood from our server, for example.
public function postPasswordRecover()
{
$key = \Input::get('email');
if( \Antiflood::check( $key ) === FALSE )
return redirect()->back()->withErrors(['.....']);
// ....
// ....
// ....
\Antiflood::put( $key, 20 );
}