Libraries tagged by hardening

Hardens the vendor directory for when it's in the docroot.

Go to Download

Harden request headers, login interface and passwords to increase backend security.

Go to Download

Active malware prevention + on-disk scanner for Magento 2. Three real-time guards (REST API, universal upload, custom-options) block PolyShell webshells, polyglot files and PHP-object-injection payloads BEFORE they touch disk. A nightly recursive scanner finds anything that slipped through, auto-quarantines critical findings inside writable upload zones, and ships with a built-in vendor allowlist that prevents false positives on legitimate composer dependencies. Includes admin grid, in-admin documentation, signature catalog and email notifications.

Go to Download

Stellar Security hardening guard for Laravel (blocks APP_DEBUG=true on production-like hosts).

Go to Download

Addon for Cockpit CMS v1, that adds some hardening, cosmetics and helpers

Go to Download

Configurable security checks for Laravel applications. Run safety audits on environment variables, configuration files, and hidden routes to prevent common mistakes before going live.

Go to Download

Help secure your Elgg installation

Go to Download

PHP session management with security hardening, hijacking detection, and URL authorization for MPA and SPA applications

Go to Download

Hardens the vendor directory for when it's in the docroot.

Go to Download

Security Suite for WordPress REST API (Anti-Reconnaissance & Hardening).

Go to Download

Infrastructure hardening manifest engine for LEMP(self hosted) stacks

Go to Download

Enterprise security baseline extending security_review, key, encrypt, and compliance modules with FedRAMP, PCI, HIPAA, SOC2 automation and AI-powered security monitoring.

Go to Download

Accept.js tokenization (PCI SAQ A-EP) with direct card fields (no iframe) Accept Hosted (PCI SAQ A) supported as an alternative hosted flow Apple Pay: server-side merchant validation, cert management via env.php, domain verification support Google Pay: native sheet UX + automatic gateway ID detection PayPal: processed through Authorize.Net’s wallet integration Saved Cards: Authorize.Net Customer Profiles + opt-in save checkbox + saved card dropdown Webhooks: signed (HMAC-SHA512) endpoint + order history updates + event mapping for refunds/voids/chargebacks Security: encrypted API keys at rest, certs stored outside webroot, SSRF hardening, session transaction validation Modern stack: no Knockout dependencies, REST compatible, modular architecture

Go to Download

Queopius Sentinel — HTTP Security & HTTPS Hardening for Laravel

Go to Download

Module that makes it possible to enable login hardening from the admin. Makes use of (read: replaces) camfindlay/silverstripe-twofactorauth.

Go to Download