Looking to hire Laravel developers? Try LaraJobs

laravel-browser-guard maintained by dakshraman

Description
A Laravel package to discourage right-click, shortcut keys, and casual DevTools access in the browser.
Author
dakshraman
Last update
2026/04/22 06:27 (dev-main)
License
MIT
Links
GitHub - Packagist
Downloads
0
Tags
browser - laravel - shortcuts - guard - devtools - right-click

dev-main

Last update
2026/04/22 06:27
License
MIT
Require
  • php ^7.1.3|^8.0
  • illuminate/support ^5.8|^6.0|^7.0|^8.0|^9.0|^10.0|^11.0|^12.0
Comments
comments powered by Disqus

Browser Guard

A Laravel package that discourages:

  • right click / context menu
  • selected shortcut keys like F12, Ctrl+Shift+I, Ctrl+Shift+J, Ctrl+Shift+C, Ctrl+U
  • casual DevTools opening through simple browser-side detection

Important note

This package does not provide real security. Anything running in the browser can be bypassed by a determined user. Use it only as a UI deterrent, not as a protection layer for sensitive data.

Installation

composer require dakshraman/laravel-browser-guard
php artisan browser-guard:install

Or publish manually:

php artisan vendor:publish --tag=browser-guard-config
php artisan vendor:publish --tag=browser-guard-assets

Add the script to your layout

In your main Blade layout, just before </body>:

@browserGuardScripts

Usage modes

1. Global mode

In config/browser-guard.php:

'mode' => 'global',

The script will load wherever @browserGuardScripts exists.

2. Middleware mode

In config/browser-guard.php:

'mode' => 'middleware',

Then apply the middleware only to routes you want to protect:

Route::middleware('browser.guard')->group(function () {
    Route::get('/protected-page', function () {
        return view('welcome');
    });
});

Useful config

'enabled' => true,
'block_right_click' => true,
'block_shortcuts' => true,
'detect_devtools' => true,
'show_alert' => true,
'alert_message' => 'This action is disabled on this page.',
'devtools_action' => 'alert', // alert | redirect | blank
'devtools_redirect_url' => '/',

Custom shortcuts

'shortcuts' => [
    ['key' => 'F12'],
    ['ctrl' => true, 'shift' => true, 'key' => 'I'],
    ['ctrl' => true, 'shift' => true, 'key' => 'J'],
    ['ctrl' => true, 'shift' => true, 'key' => 'C'],
    ['ctrl' => true, 'key' => 'U'],
],

Excluding paths

'except_paths' => [
    'admin/api/*',
    'health-check',
],

File structure

browser-guard/
├── composer.json
├── config/
│   └── browser-guard.php
├── resources/
│   ├── js/
│   │   └── browser-guard.js
│   └── views/
│       └── script.blade.php
└── src/
    ├── BrowserGuardServiceProvider.php
    ├── Commands/
    │   └── InstallBrowserGuardCommand.php
    └── Middleware/
        └── BrowserGuardMiddleware.php

Suggested improvements

If you want this package to feel more production-ready, the next upgrades are:

  • add tests with Orchestra Testbench
  • add a facade or helper for runtime toggling
  • add a small toast UI instead of alert()
  • add IP/user-based exemptions
  • add an inline-script fallback when published assets are missing

License

MIT