PHP code example of ozankurt / laravel-security

1. Go to this page and download the library ("Download ozankurt/laravel-security library"). Choose the download type "require".

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.
    
        
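<?php
// Load the Composer autoloader by an absolute path built from this file's
// directory. A bare relative path is looked up through include_path first, so
// a different vendor/autoload.php could be picked up instead of this one.
// Everything under vendor/ runs as-is once the autoloader is loaded: pin it
// (committed composer.lock) and check it (`composer audit`) like any other
// third-party code.
require_once __DIR__ . '/vendor/autoload.php';

// NOTE: the Gate::, Route:: and env() snippets shown for this package are
// Laravel application code (service provider, routes file, config file); they
// need a booted Laravel application, not only this autoloader.
/* Start to develop here. Best regards https://php-download.com/ */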

    

ozankurt / laravel-security example snippets


// AppServiceProvider::boot()
// Ability 'viewShieldDashboard': granted only when a user object is present
// and its is_admin attribute is truthy.
Gate::define('viewShieldDashboard', function ($user) {
    // $user stays untyped: by default Laravel's Gate does not invoke a callback
    // for a guest unless the first parameter is nullable or optional, so the
    // explicit $user check here is a second guard rather than the only one.
    // NOTE(review): is_admin is tested for truthiness, not === true; confirm the
    // model casts it to bool so a non-empty string value cannot pass.
    return $user && $user->is_admin;
});

// POST /login is registered inside a group that carries the 'firewall.all'
// middleware alias.
// NOTE(review): which checks 'firewall.all' bundles is not visible in this
// snippet; confirm against the package's middleware registration.
Route::middleware('firewall.all')->group(function () {
    Route::post('/login', LoginController::class);
});

// POST /api/upload carries 'firewall.av_uploads' and the named rate limiter
// 'shield_login'.
// NOTE(review): no authentication middleware is attached in this snippet;
// confirm it is applied by an enclosing group or by UploadController.
// NOTE(review): 'shield_login' reads like a limiter tuned for login attempts;
// confirm its limits suit uploads or define a dedicated limiter.
// NOTE(review): the config sample on this page defaults
// scanner.clamav.enabled to false; confirm what 'firewall.av_uploads' does
// with an upload when ClamAV is off (reject vs. pass through unscanned).
Route::post('/api/upload', UploadController::class)
    ->middleware(['firewall.av_uploads', 'throttle:shield_login']);

// Group with 'firewall.acl' and 'firewall.headers'; no routes are registered
// inside it in this snippet.
Route::middleware(['firewall.acl', 'firewall.headers'])->group(function () {
    // Public site with security headers + ACL evaluation
});

// Storage strategy (sync default; queue/redis_batch for high traffic)
'storage' => [
    // Driver comes from LS_STORAGE_DRIVER and falls back to 'sync'.
    'driver' => env('LS_STORAGE_DRIVER', 'sync'),
    // NOTE(review): presumably the fraction of live-traffic events that gets
    // stored (0.1 = 10%). Sampled data leaves gaps when reconstructing an
    // incident; confirm which event types are subject to sampling.
    'sample_rate' => [
        'live_traffic' => 0.1,
    ],
],

// Audit log with HMAC chain tamper evidence
// NOTE(review): the HMAC key is not part of this excerpt; confirm where it is
// configured and that it is stored apart from the log it protects.
'audit' => [
    'drift' => [
        'enabled' => true,
        // Keys are paths; the value looks like a file pattern for a directory
        // and null for a single file (TODO confirm against the package docs).
        'paths' => [
            'config/' => '*.php',
            '.env' => null,
        ],
    ],
],

// Scanner with ClamAV (composer suggest xenolope/quahog)
'scanner' => [
    'clamav' => [
        // Off unless LS_CLAMAV_ENABLED is set.
        'enabled' => env('LS_CLAMAV_ENABLED', false),
    ],
],

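// Three-layer bypass for admin lockout recovery
// LS_BYPASS_IPS is a comma-separated list. Each entry is trimmed so that a
// value written with spaces after the commas (constructed example:
// "203.0.113.10, 203.0.113.11") does not yield an entry with a leading space
// that can never equal a client address; empty entries are dropped. The
// (string) cast keeps explode() from receiving null when env() resolves the
// variable to null.
// NOTE(review): listed addresses presumably skip the firewall checks, so keep
// the list minimal and confirm the client IP is taken from a trusted-proxy
// configuration rather than from a forwarded header any client can set.
'bypass' => [
    'ips' => array_filter(array_map('trim', explode(',', (string) env('LS_BYPASS_IPS', '')))),
],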

// Beyond-WF extras (all opt-in)
// NOTE(review): 'headers.enabled' is true in this sample although the line
// above calls every extra opt-in; confirm which default the package ships.
'headers' => [
    'enabled' => true,
    'csp' => [
        // CSP is off here; 'use_nonce' presumably takes effect only once
        // 'enabled' is switched on.
        'enabled' => false,
        'use_nonce' => true,
    ],
],
// Decoy paths, disabled in this sample.
// NOTE(review): make sure none of these paths is a real route of the
// application before enabling, so legitimate requests are not flagged.
'honeypot' => [
    'enabled' => false,
    'paths' => [
        'wp-admin',
        '.env',
        'phpmyadmin',
        '.git/config',
    ],
],
// Scoring, disabled in this sample.
// NOTE(review): 'window' is presumably in seconds (3600 = one hour); confirm
// the unit and what happens when 'threshold' is reached.
'scoring' => [
    'enabled' => false,
    'threshold' => 100,
    'window' => 3600,
],