Download the PHP package laravel-foundry/trusted-proxies without Composer
On this page you can find all versions of the php package laravel-foundry/trusted-proxies. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download laravel-foundry/trusted-proxies
More information about laravel-foundry/trusted-proxies
Files in laravel-foundry/trusted-proxies
Package trusted-proxies
Short Description Laravel trusted proxies configuration for applications behind CDNs, load balancers, or Docker networks. Supports Cloudflare, AWS CloudFront, Fastly, Docker Swarm, and custom proxies.
License GPL-3.0-or-later
Homepage https://github.com/laravel-foundry/trusted-proxies
Informations about the package trusted-proxies
Laravel Trusted Proxies
Laravel trusted proxies configuration for applications behind CDNs, load balancers, or Docker networks.
Why This Package?
Laravel has built-in support for trusted proxies, but configuring it correctly for real-world infrastructure — especially when combining a CDN with Docker Swarm — requires non-trivial setup across multiple files.
This package solves that with a single .env variable:
That's it. No middleware changes, no PHP configuration files, no hardcoded IP lists to maintain.
What it does that Laravel doesn't out of the box
- Multi-provider orchestration — declare multiple providers (
cloudflare,aws_cloudfront,fastly,docker) and the package merges their IP ranges automatically - Dynamic Cloudflare IPs — Cloudflare IP ranges are fetched from the official API and cached via
monicahq/laravel-cloudflare, so they never go stale - Docker Swarm aware — includes the Docker internal network ranges (
10.0.0.0/8,172.16.0.0/12) needed when the Swarm ingress acts as an internal proxy - Environment-based — different providers per environment (local, staging, production) without touching PHP code
What it does not do
It does not replace or wrap Laravel's TrustProxies middleware. It configures Request::setTrustedProxies() directly, letting Symfony's battle-tested header resolution handle everything.
Features
- Multiple CDN Support — Cloudflare (dynamic), AWS CloudFront, Fastly
- Docker Swarm Ready — handles Docker ingress networks and overlay networks
- Environment-Based Config — different settings for dev, staging, production
- Custom Proxy Support — add your own load balancers or reverse proxies
- Zero Configuration — works out of the box with sensible defaults
- Laravel Native — uses Laravel's built-in
Request::setTrustedProxies()
Requirements
- PHP >= 8.2
- Laravel Illuminate/Support
^10.0 | ^11.0 | ^12.0 | ^13.0 - Laravel Illuminate/HTTP
^10.0 | ^11.0 | ^12.0 | ^13.0
Installation
1. Install the package
The package auto-registers via Laravel's service provider discovery.
2. Configure environment variables
Add to your .env file:
That's it. The package will automatically configure trusted proxies on every request.
Configuration
Environment Variables
Available Providers
| Provider | Description | IP Source |
|---|---|---|
cloudflare |
Cloudflare CDN | Dynamic via API (cached) |
aws_cloudfront |
AWS CloudFront CDN | Static ranges |
fastly |
Fastly CDN | Static ranges |
docker |
Docker networks (bridge, custom, Swarm ingress) | Static ranges |
Publish Configuration (Optional)
For advanced customization, publish the config file:
This creates config/trustedproxies.php where you can customize settings.
Usage
Basic Usage
After installation, Laravel automatically gets the real client IP:
Environment-Specific Configurations
Local Development
Staging
Production with Docker Swarm
Important: Always keep docker enabled in production when using Docker Swarm. The Swarm ingress network acts as an internal proxy, so without trusting Docker IP ranges the real client IP cannot be resolved correctly even when Cloudflare provides it in CF-Connecting-IP.
Custom Load Balancer
Multiple CDN Providers
Common Use Cases
Rate Limiting
IP Whitelisting
Logging Real IPs
How It Works
Architecture
Why Trust Docker in Production?
With Docker Swarm, requests flow through the ingress network before reaching your container:
Without trusting Docker IPs, you'd see the ingress IP (10.0.x.x) instead of the real client IP. Cloudflare sends the real IP in CF-Connecting-IP, but you still need to trust the ingress network for Symfony to process the forwarded headers correctly.
Cloudflare IP Ranges
Cloudflare IP ranges are resolved dynamically at runtime via monicahq/laravel-cloudflare, which fetches them from https://www.cloudflare.com/ips-v4 and ips-v6 and stores them in Laravel's cache. You should schedule a periodic cache refresh to keep them up to date:
Or via Laravel scheduler in routes/console.php:
Troubleshooting
Still seeing proxy IPs?
Docker Swarm issues?
Testing
More info
See here.
Changelog
Please see CHANGELOG for a detailed list of changes for each release.
We follow Semantic Versioning and use Conventional Commits to automatically generate our changelog.
Release Process
- Major versions (1.0.0 → 2.0.0): Breaking changes
- Minor versions (1.0.0 → 1.1.0): New features, backward compatible
- Patch versions (1.0.0 → 1.0.1): Bug fixes, backward compatible
All releases are automatically created when changes are pushed to the main branch, based on commit message conventions.
Contributing
For your contributions please use:
See CONTRIBUTING for detailed guidelines.
Sponsor
License
All versions of trusted-proxies with dependencies
illuminate/http Version ^10.0 || ^11.0 || ^12.0 || ^13.0
illuminate/support Version ^10.0 || ^11.0 || ^12.0 || ^13.0
monicahq/laravel-cloudflare Version ^4.0
