bad-ip-laravel maintained by iridiumintel
bad_ip Laravel Wrapper
Laravel wrapper for bad_ip PHP SDK – automatic guards for IP, TOR, bots, bad queries, and login attempts.
🚀 Installation
composer require iridiumintel/bad-ip-laravel
Requires PHP 8.1+ and Laravel 10/11.
⚡️ Quick Start
- Publish the config file:
php artisan vendor:publish --tag=badip-config
- Add middleware to your app (global or per route):
\BadIp\Laravel\Middleware\BadIpMiddleware::class,
🔥 Features
- Automatic protection against:
- Malicious IPs
- TOR exit nodes
- Bots
- Bad queries (on 404 pages with query string)
- Brute force login attempts
- Automatic incident reporting back to the Bad IP API
- Config-driven guard activation
⚙️ Configuration
File: config/badip.php
return [
'token' => env('BADIP_TOKEN', ''),
'base_url' => env('BADIP_BASE_URL', 'https://bad-ip.iridiumintel.com/api/v1'),
'login_attempts' => env('BADIP_LOGIN_ATTEMPTS', 3),
'guards' => [
'ip' => true,
'tor' => true,
'bot' => true,
'query' => true,
'login' => true,
],
];
🧑💻 Usage
Global Middleware
protected $middleware = [
\BadIp\Laravel\Middleware\BadIpMiddleware::class,
];
Separate Middleware
If you prefer finer control, use individually:
\BadIp\Laravel\Middleware\CheckBadIp::class,
\BadIp\Laravel\Middleware\CheckTorMiddleware::class,
\BadIp\Laravel\Middleware\CheckBotMiddleware::class,
\BadIp\Laravel\Middleware\CheckBadQuery::class,
\BadIp\Laravel\Middleware\LoginGuardMiddleware::class,
Incident Reporting
use BadIp\RequestContext;
use BadIp\Laravel\Support\Helpers;
// Report bad query
$reporter->reportQuery(RequestContext::fromGlobals(), Helpers::origin());
// Report failed login
$reporter->reportLoginFailure(RequestContext::fromGlobals(), Helpers::origin());
// Report generic 404
$reporter->report404(RequestContext::fromGlobals(), Helpers::origin());
🧪 Testing
composer test
🤝 Contributing
Contributions are welcome! Please see the contributing guide.
📄 License
The MIT License (MIT). See LICENSE for more information.