Download the PHP package emotality/laravel-block-cf-origin without Composer
On this page you can find all versions of the php package emotality/laravel-block-cf-origin. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download emotality/laravel-block-cf-origin
More information about emotality/laravel-block-cf-origin
Files in emotality/laravel-block-cf-origin
Package laravel-block-cf-origin
Short Description Laravel package to block direct requests to your Cloudlfare-protected origin server.
License MIT
Homepage https://github.com/emotality/laravel-block-cf-origin
Informations about the package laravel-block-cf-origin
Block non-Cloudflare requests in Laravel
Laravel package to block direct requests to your Cloudlfare-protected origin server.
Overview
This packages should only be used when the following applies:
- You can't add firewall rules (to only accept requests from CF Edge IP addresses) because your server is shared with other projects that don't use Cloudflare. If you have a single app running on your server, rather add firewall rules.
- You can't add deny/allow rules to your Nginx/Apache config because you are using the
set_real_ip_from
/mod_remoteip
module to forward the user's real IP (X-Forwarded-For). If you don't need to forward the user's real IP, rather add deny/allow rules to your Nginx/Apache config. - You can't install
cloudflared
and create a tunnel. Read more
See Useful Links section below for more information.
Requirements
- PHP 8.0+
- PHP Redis extension
- Laravel 9.0+
*Note: This package only supports the Redis cache driver!
Installation
composer require emotality/laravel-block-cf-origin
php artisan vendor:publish --provider="Emotality\Cloudflare\CloudflareBlockOriginServiceProvider"
-
Add the middleware in
app/Http/Kernel.php
: -
Add the cronjob to update Cloudflare's netmasks:
- Update your
config/cloudflare-block.php
config and.env
accordingly. - Add FastCGI (PHP-FPM) param to your Nginx config:
_$realip_remote_addr
will be Cloudflare's IP if the request went through a Cloudflare Edge proxy, or the user's IP if the request was direct.
$remote_addr
will be the user's IP address._
Useful Links
- Cloudflare IP ranges
- Cloudflare IP addresses
- Cloudflare Tunnel
- Restoring original visitor IPs
- Protect your origin server
- Authenticated Origin Pulls
Contributing
This package is in its early stages, feel free to report any issues or suggest improvements. Please use the master
branch for any pull requests.
License
laravel-block-cf-origin is released under the MIT license. See LICENSE for details.
All versions of laravel-block-cf-origin with dependencies
ext-redis Version *
illuminate/cache Version ^9.0|^10.0|^11.0
illuminate/console Version ^9.0|^10.0|^11.0
illuminate/http Version ^9.0|^10.0|^11.0
illuminate/support Version ^9.0|^10.0|^11.0
symfony/http-kernel Version ^6.0|^7.0