Comprehensive security auditing and threat detection system for Laravel applications. Real-time monitoring, automated security assessments, and detailed security reporting.
- Overview
- Features
- Installation
- Quick Start
- Security Auditing
- Threat Detection
- Security Dashboard
- Configuration
- Documentation
- Examples
- Testing
- Requirements
- Performance
- Contributing
- Security
- License
Laravel Safeguard is a comprehensive security auditing and threat detection system for Laravel applications. It provides real-time monitoring, automated security assessments, and detailed reporting to keep your application secure.
Perfect for enterprise applications, security-conscious projects, and applications requiring compliance with security standards.
Laravel Safeguard is perfect for:
- Enterprise Applications - Comprehensive security monitoring
- Financial Systems - Fraud detection and prevention
- Healthcare Apps - HIPAA compliance and data protection
- E-commerce - Transaction security and user protection
- API Security - Rate limiting and abuse detection
- Real-time Monitoring - Live security event tracking and alerting
- Vulnerability Scanning - Automated security vulnerability detection
- Intrusion Detection - Advanced threat detection algorithms
- Security Dashboard - Comprehensive security metrics and reporting
- Alert System - Configurable alerts for security events
- Access Control - Role-based access control monitoring
- Audit Logging - Detailed security event logging
- Rate Limiting - Advanced rate limiting with threat intelligence
- Compliance Reporting - Generate compliance reports
- Security Analytics - Deep security insights and trends
- Penetration Testing - Built-in security testing tools
- Performance Optimized - Minimal impact on application performance
Install the package via Composer:
```bash
composer require grazulex/laravel-safeguard
```
Auto-Discovery: The service provider will be automatically registered thanks to Laravel's package auto-discovery.
Publish configuration:
```bash
php artisan vendor:publish --tag=safeguard-config
php artisan safeguard:install
```
```php
// config/safeguard.php
return [
    'threat_detection' => [
        'enabled' => true,
        'sql_injection' => true,
        'xss_protection' => true,
        'brute_force' => true,
    ],
    'rate_limiting' => [
        'enabled' => true,
        'requests_per_minute' => 60,
        'burst_limit' => 100,
    ],
    'audit_logging' => [
        'enabled' => true,
        'log_failed_logins' => true,
        'log_data_access' => true,
    ],
];
```
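```php
// app/Http/Kernel.php
// Note: application skeletons for Laravel 11 and later no longer ship this
// file; on those versions middleware is registered in bootstrap/app.php.

// Global middleware: runs on every request
protected $middleware = [
    \Grazulex\LaravelSafeguard\Middleware\SecurityMonitor::class,
    \Grazulex\LaravelSafeguard\Middleware\ThreatDetection::class,
];

// Per-group middleware
protected $middlewareGroups = [
    'web' => [
        \Grazulex\LaravelSafeguard\Middleware\RateLimiter::class,
    ],
    'api' => [
        \Grazulex\LaravelSafeguard\Middleware\ApiProtection::class,
    ],
];
```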
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Get security dashboard data
$dashboard = Safeguard::dashboard();

// Check recent threats
$threats = Safeguard::getThreats(['last_24_hours' => true]);

// Generate security report
$report = Safeguard::generateReport('monthly');

// Get audit logs
$auditLogs = Safeguard::auditLogs()
    ->where('event_type', 'login_attempt')
    ->where('created_at', '>=', now()->subDays(7))
    ->get();
```
Laravel Safeguard provides comprehensive security auditing:
```php
// Enable automatic auditing
Safeguard::audit(User::class)->track([
    'created', 'updated', 'deleted',
    'login', 'logout', 'password_change'
]);

// Manual audit logging
Safeguard::log('user_data_access', [
    'user_id' => auth()->id(),
    'accessed_resource' => 'sensitive_data',
    'ip_address' => request()->ip(),
]);

// Security scanning
$vulnerabilities = Safeguard::scan([
    'sql_injection' => true,
    'xss_vulnerabilities' => true,
    'csrf_protection' => true,
    'security_headers' => true,
]);
```
Advanced threat detection capabilities:
```php
use Grazulex\LaravelSafeguard\ThreatDetection\Detectors;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Mail;

// Configure threat detectors
Safeguard::threats()->register([
    Detectors\SqlInjectionDetector::class,
    Detectors\XssDetector::class,
    Detectors\BruteForceDetector::class,
    Detectors\SuspiciousActivityDetector::class,
]);

// Real-time threat monitoring
Safeguard::threats()->monitor(function ($threat) {
    // Log threat
    Log::warning('Security threat detected', [
        'type' => $threat->getType(),
        'severity' => $threat->getSeverity(),
        'details' => $threat->getDetails(),
    ]);

    // Send alert (SecurityAlert is a Mailable defined by your application)
    if ($threat->getSeverity() === 'high') {
        Mail::to('[email protected]')->send(
            new SecurityAlert($threat)
        );
    }
});
```
Built-in security dashboard with comprehensive metrics:
```php
// Access dashboard data
$dashboard = Safeguard::dashboard()->getData();

// Dashboard metrics include:
// - Threat detection statistics
// - Failed login attempts
// - Rate limiting statistics
// - Vulnerability scan results
// - Audit log summaries
// - Security score and trends

// Custom dashboard widgets
Safeguard::dashboard()->addWidget('custom_security_metric', function () {
    return [
        'title' => 'Custom Security Metric',
        'value' => $this->calculateCustomMetric(),
        'trend' => 'up',
        'color' => 'green',
    ];
});
```
Laravel Safeguard provides extensive configuration options:
```php
// config/safeguard.php
return [
    'monitoring' => [
        'enabled' => true,
        'real_time_alerts' => true,
        'threat_intelligence' => true,
    ],
    'detection_rules' => [
        'sql_injection' => ['enabled' => true, 'sensitivity' => 'high'],
        'xss_protection' => ['enabled' => true, 'sanitize' => true],
        'brute_force' => ['enabled' => true, 'max_attempts' => 5],
    ],
    'compliance' => [
        'gdpr' => true,
        'hipaa' => false,
        'pci_dss' => true,
    ],
];
```
For detailed documentation, examples, and advanced usage:
- Full Documentation
- Examples
- Configuration
- Testing
- Threat Detection
```php
use Grazulex\LaravelSafeguard\Facades\Safeguard;

// Enable monitoring for specific models
class User extends Model
{
    use \Grazulex\LaravelSafeguard\Traits\Auditable;

    protected $auditableEvents = ['created', 'updated', 'login'];
}

// Monitor API endpoints
Route::middleware(['safeguard.monitor'])->group(function () {
    Route::get('/api/sensitive-data', [ApiController::class, 'getData']);
});

// Custom threat detection
Safeguard::threats()->detect('custom_threat', function ($request) {
    return $request->has('suspicious_parameter');
});

// Custom security rules
Safeguard::rules()->add('financial_transaction', [
    'min_amount' => 0.01,
    'max_amount' => 10000,
    'require_2fa' => true,
    'suspicious_patterns' => [
        'rapid_succession' => true,
        'unusual_amounts' => true,
    ],
]);

// Security event handling
Safeguard::events()->listen('threat_detected', function ($threat) {
    // Automatically block suspicious IPs
    if ($threat->getSeverity() === 'critical') {
        Safeguard::firewall()->block($threat->getIpAddress());
    }
});
```
See the examples on the wiki for more.
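Automatically blocking on `getIpAddress()`, as the `threat_detected` listener above does, is only safe when that address is the real client: behind a reverse proxy or load balancer it can be the proxy itself, and blocking it cuts off every user. The guard below is an added example, not part of Laravel Safeguard, that keeps critical-severity auto-blocking away from a never-block list; the function names and sample ranges are hypothetical.

```php
<?php
// Added example, not Laravel Safeguard code. Function names and the
// sample ranges are hypothetical.

/** True if $ip lies inside $cidr (IPv4 or IPv6; a bare address means /32 or /128). */
function ipInCidr(string $ip, string $cidr): bool
{
    [$net, $bits] = array_pad(explode('/', $cidr, 2), 2, null);
    $ipBin  = @inet_pton($ip);
    $netBin = @inet_pton($net);
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false; // unparsable input or mixed address families
    }
    $max = strlen($ipBin) * 8;
    if ($bits !== null && (!ctype_digit($bits) || (int) $bits > $max)) {
        return false; // malformed prefix length
    }
    $bits  = $bits === null ? $max : (int) $bits;
    $bytes = intdiv($bits, 8);
    if (substr($ipBin, 0, $bytes) !== substr($netBin, 0, $bytes)) {
        return false;
    }
    if ($bits % 8 === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $bits % 8)) & 0xFF;
    return (ord($ipBin[$bytes]) & $mask) === (ord($netBin[$bytes]) & $mask);
}

/** Block automatically only for critical threats from addresses outside $neverBlock. */
function shouldAutoBlock(string $ip, string $severity, array $neverBlock): bool
{
    if ($severity !== 'critical' || filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return false;
    }
    foreach ($neverBlock as $cidr) {
        if (ipInCidr($ip, $cidr)) {
            return false; // proxy, load balancer or monitoring range: alert instead
        }
    }
    return true;
}

// Constructed sample data: a private proxy range, one health checker, one IPv6 range.
$neverBlock = ['10.0.0.0/8', '192.0.2.10', '2001:db8:1::/48'];
foreach (['203.0.113.7', '10.4.0.9', '2001:db8:1::5', 'not-an-ip'] as $ip) {
    printf("%-15s %s\n", $ip, shouldAutoBlock($ip, 'critical', $neverBlock) ? 'block' : 'skip');
}
```

In the listener, the call to `Safeguard::firewall()->block(...)` would run only when `shouldAutoBlock($threat->getIpAddress(), $threat->getSeverity(), $neverBlock)` returns true; skipped addresses should still raise an alert for manual review.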
Laravel Safeguard includes security testing utilities:
```php
use Grazulex\LaravelSafeguard\Testing\SecurityTester;
use Tests\TestCase;

// The class name is illustrative; place these methods in any feature test class.
class SecurityTest extends TestCase
{
    public function test_sql_injection_protection()
    {
        SecurityTester::make()
            ->attemptSqlInjection('/api/users?id=1; DROP TABLE users;--')
            ->assertBlocked()
            ->assertThreatLogged('sql_injection');
    }

    public function test_rate_limiting()
    {
        SecurityTester::make()
            ->simulateRequests('/api/endpoint', 100)
            ->assertRateLimited()
            ->assertAuditLogged();
    }
}
```
- PHP: ^8.3
- Laravel: ^12.0
- Carbon: ^3.10
Laravel Safeguard is optimized for performance:
- Minimal Overhead: Less than 2ms additional request time
- Efficient Monitoring: Asynchronous threat detection
- Caching: Security rules and patterns are cached
- Database Optimized: Efficient audit log storage
We welcome contributions! Please see our Contributing Guide for details.
If you discover a security vulnerability, please review our Security Policy before disclosing it.
Laravel Safeguard is open-sourced software licensed under the MIT license.
Made with ❤️ for the Laravel community
- CODE_OF_CONDUCT.md - Our code of conduct
- CONTRIBUTING.md - How to contribute
- SECURITY.md - Security policy
- RELEASES.md - Release notes and changelog