A Laravel Package to Block Automated Scanners from Scanning your Site.
- Install the package with Composer:
```shell
$ composer require noobsec/antiscanscanclub-laravel
```
- Please keep this package up to date with the latest commit:
```shell
$ composer require noobsec/antiscanscanclub-laravel:dev-master
```
- Publish the config file:
```shell
$ php artisan vendor:publish --provider="noobsec\AntiScanScanClub\AntiScanScanClubServiceProvider"
```
- Create the middleware:
```shell
$ php artisan make:middleware AntiScanScanMiddleware
```
- Add `ASSC_LIST` to your `.env` file (NOTE: the blacklists file will be stored under the `storage/app/` path):
```dotenv
ASSC_LIST="blacklists.json"
```
- Edit the AntiScanScanMiddleware file (app/Http/Middleware/AntiScanScanMiddleware.php), approximately like this:
```php
<?php

namespace App\Http\Middleware;

use Closure;
use noobsec\AntiScanScanClub\AntiScanScanClub;

class AntiScanScanMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $ASSC = new AntiScanScanClub();
        $blocker = TRUE;

        // Reject clients that are already on the blacklist
        $ASSC->checkIp($request->ip());

        if ($request->isMethod('GET') && $request->getQueryString() === NULL) {
            /**
             * Prevention of access to credentials and/or important files/paths
             * (e.g. wp-admin.php, .git/, backups.tar.gz, www.sql)
             */
            $ASSC->filterFile($request->getPathInfo(), $blocker, $request->ip());
        } else {
            // Requests carrying input (query string or body) go through the input filter rules
            $ASSC->filterInput($request->all(), $blocker, $request->ip());
        }

        return $next($request);
    }
}
```
- Add the middleware to the global HTTP middleware stack by editing the Kernel file (app/Http/Kernel.php):
```php
protected $middleware = [
    ...
    \App\Http\Middleware\AntiScanScanMiddleware::class,
];
```
- Initialise the AntiScanScanClub source:
```php
use noobsec\AntiScanScanClub\AntiScanScanClub;

$ASSC = new AntiScanScanClub();
```
- Check whether the client IP has been blocked or not:
```php
$clientIp = '127.0.0.1';
var_dump($ASSC->checkIp($clientIp)); // @return void/bool
```
- Add a client IP to the blacklists file:
```php
$clientIp = '127.0.0.1';
$attack_type = 'Added manually';
var_dump($ASSC->addToBlacklisted($clientIp, $attack_type)); // @return bool
```
- Prevention of illegal input based on the filter rules:
```php
$data = [
    "input" => "Test payload",
    "textarea" => "<object/onerror=write`1`//"
];
$blocker = TRUE;
$clientIp = '127.0.0.1';
$ASSC->filterInput($data, $blocker, $clientIp); // @return void/bool
```
- Prevention of access to credentials and/or important files/paths, e.g. wp-admin.php, .git/, backups.tar.gz, www.sql (see many more in filter_files.txt):
```php
$url = "/wp-admin.php";
$blocker = TRUE;
$clientIp = '127.0.0.1';
$ASSC->filterFile($url, $blocker, $clientIp); // @return void/bool
```
- Remove a client IP from the blacklists file:
```php
$clientIp = '127.0.0.1';
var_dump($ASSC->removeFromBlacklists($clientIp)); // @return bool
```
- Purge and/or clean all client IPs from the blacklists file:
```php
var_dump($ASSC->purgeBlacklistsFile()); // @return bool
```
- Whitelist one file/path from filterFile() rejection:
```php
var_dump($ASSC->whitelistFile('wp-admin.php')); // @return bool
```
- Whitelist all public files recursively from filterFile() rejection:
```php
var_dump($ASSC->whitelistPublicFiles()); // @return array
```
- Whitelist the URIs of all registered routes from filterFile() rejection:
```php
var_dump($ASSC->whitelistAllRoutes()); // @return array
```
- Add a file and/or path to filterFile() rejection:
```php
$file = "api/adminLists";
var_dump($ASSC->addToFilterFiles($file)); // @return integer/bool
```
- Restore the filterFile() rules to default:
```php
var_dump($ASSC->restoreFilterFiles()); // @return bool
```
- If you call the filterInput() and/or filterFile() method, you no longer need to call the addToBlacklisted() method.
- If you want to call the whitelistFile(), whitelistPublicFiles() and/or whitelistAllRoutes() method, make sure it is called before the filterFile() and/or searchIp() method (or comment those methods out; please check the middleware).
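The whitelisting helpers above have to run before filterFile() ever sees a request, and they rewrite the package's rule files, so running them inside the middleware on every request would be wasteful. The following Artisan command is an added example, not code from the antiscanscanclub-laravel package: it runs whitelistAllRoutes(), whitelistPublicFiles() and optional whitelistFile() calls once, for instance as a deploy step. The class name `AsscWhitelist`, the `assc:whitelist` signature and its `--extra` option are assumptions; the only package calls used are the ones documented above.

```php
<?php
// Added example, not part of the antiscanscanclub-laravel package.
// Runs the whitelisting helpers once (e.g. at deploy time) so that the
// filterFile() call in the middleware never rejects paths the application
// itself serves. Class name, signature and option are assumptions.

namespace App\Console\Commands;

use Illuminate\Console\Command;
use noobsec\AntiScanScanClub\AntiScanScanClub;

class AsscWhitelist extends Command
{
    protected $signature = 'assc:whitelist {--extra=* : Additional file/path to whitelist}';

    protected $description = 'Whitelist registered routes and public files from filterFile() rejection';

    public function handle()
    {
        $ASSC = new AntiScanScanClub();

        // Both helpers are documented as returning an array of what they whitelisted.
        $routes = $ASSC->whitelistAllRoutes();
        $files  = $ASSC->whitelistPublicFiles();

        $this->info(sprintf(
            'Whitelisted %d route URI(s) and %d public file(s).',
            count((array) $routes),
            count((array) $files)
        ));

        // One-off entries for paths that are legitimately served but not
        // registered as routes or public files, e.g. --extra=wp-admin.php
        foreach ((array) $this->option('extra') as $path) {
            $ok = $ASSC->whitelistFile($path); // @return bool
            $this->line(sprintf('%s: %s', $ok ? 'whitelisted' : 'FAILED', $path));
        }

        return 0;
    }
}
```

Register the class with your console Kernel (or rely on command auto-discovery on newer Laravel versions) and run `php artisan assc:whitelist` after each deploy. Because the package keeps its lists in files, re-run the command whenever routes or public files are added; otherwise a newly added legitimate path can be mistaken for a scanner probe and the requesting IP blacklisted.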
Please see the CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING.md for details.
If you discover any security related issues, please email root@noobsec.org instead of using the issue tracker.
License: please see the LICENSE file for more information.
The current version is 2.0.3 and the package is still under development.