env('FIREWALL_ENABLED', false), 'whitelist' => [env('FIREWALL_WHITELIST', '')], 'models' => [ 'user' => '\App\Models\Auth\User', // 'log' => '\App\Models\YourLogModel', // 'ip' => '\App\Models\YourIpModel', ], 'log' => [ 'max_request_size' => 2048, ], 'cron' => [ 'enabled' => env('FIREWALL_CRON_ENABLED', true), 'expression' => env('FIREWALL_CRON_EXPRESSION', '* * * * *'), ], 'responses' => [ 'block' => [ 'view' => env('FIREWALL_BLOCK_VIEW', null), 'redirect' => env('FIREWALL_BLOCK_REDIRECT', null), 'abort' => env('FIREWALL_BLOCK_ABORT', false), 'code' => env('FIREWALL_BLOCK_CODE', 403), ], ], 'notifications' => [ 'mail' => [ 'enabled' => env('FIREWALL_EMAIL_ENABLED', false), 'name' => env('FIREWALL_EMAIL_NAME', 'Akaunting Firewall'), 'from' => env('FIREWALL_EMAIL_FROM', 'firewall@mydomain.com'), 'to' => env('FIREWALL_EMAIL_TO', 'admin@mydomain.com'), ], 'slack' => [ 'enabled' => env('FIREWALL_SLACK_ENABLED', false), 'emoji' => env('FIREWALL_SLACK_EMOJI', ':fire:'), 'from' => env('FIREWALL_SLACK_FROM', 'Akaunting Firewall'), 'to' => env('FIREWALL_SLACK_TO'), // webhook url 'channel' => env('FIREWALL_SLACK_CHANNEL', null), // set null to use the default channel of webhook ], ], 'all_middleware' => [ 'firewall.ip', 'firewall.agent', 'firewall.bot', 'firewall.geo', 'firewall.lfi', 'firewall.php', 'firewall.referrer', 'firewall.rfi', 'firewall.session', //'firewall.sqli', 'firewall.swear', 'firewall.xss', //'App\Http\Middleware\YourCustomRule', ], 'middleware' => [ 'ip' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_IP_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['all'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], ], 'agent' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_AGENT_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['all'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], // https://github.com/jenssegers/agent 'browsers' => [ 'allow' => [], // i.e. 'Chrome', 'Firefox' 'block' => [], // i.e. 'IE' ], 'platforms' => [ 'allow' => [], // i.e. 'Ubuntu', 'Windows' 'block' => [], // i.e. 'OS X' ], 'devices' => [ 'allow' => [], // i.e. 'Desktop', 'Mobile' 'block' => [], // i.e. 'Tablet' ], 'properties' => [ 'allow' => [], // i.e. 'Gecko', 'Version/5.1.7' 'block' => [], // i.e. 'AppleWebKit' ], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_AGENT_AUTO_BLOCK_ATTEMPTS', 5), 'frequency' => 1 * 60, // 1 minute 'period' => 30 * 60, // 30 minutes ], ], 'bot' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_BOT_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['all'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], // https://github.com/JayBizzle/Crawler-Detect/blob/master/raw/Crawlers.txt 'crawlers' => [ 'allow' => [], // i.e. 'GoogleSites', 'GuzzleHttp' 'block' => [], // i.e. 'Holmes' ], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_BOT_AUTO_BLOCK_ATTEMPTS', 5), 'frequency' => 1 * 60, // 1 minute 'period' => 30 * 60, // 30 minutes ], ], 'geo' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_GEO_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['all'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'continents' => [ 'allow' => [], // i.e. 'Africa' 'block' => [], // i.e. 'Europe' ], 'regions' => [ 'allow' => [], // i.e. 'California' 'block' => [], // i.e. 'Nevada' ], 'countries' => [ 'allow' => [], // i.e. 'Albania' 'block' => [], // i.e. 'Madagascar' ], 'cities' => [ 'allow' => [], // i.e. 'Istanbul' 'block' => [], // i.e. 'London' ], // ipapi, extremeiplookup, ipstack, ipdata, ipinfo 'service' => 'ipapi', 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_GEO_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'lfi' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_LFI_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['get', 'delete'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'inputs' => [ 'only' => [], // i.e. 'first_name' 'except' => [], // i.e. 'password' ], 'patterns' => [ '#\.\/#is', ], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_LFI_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'login' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_LOGIN_ENABLED', env('FIREWALL_ENABLED', true)), 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_LOGIN_AUTO_BLOCK_ATTEMPTS', 10), 'frequency' => 1 * 60, // 1 minute 'period' => 30 * 60, // 30 minutes ], ], 'php' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_PHP_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['get', 'post', 'delete'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'inputs' => [ 'only' => [], // i.e. 'first_name' 'except' => [], // i.e. 'password' ], 'patterns' => [ 'bzip2://', 'expect://', 'glob://', 'phar://', 'php://', 'ogg://', 'rar://', 'ssh2://', 'zip://', 'zlib://', ], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_PHP_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'referrer' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_REFERRER_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['all'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'blocked' => [], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_REFERRER_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'rfi' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_RFI_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['get', 'post', 'delete'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'inputs' => [ 'only' => [], // i.e. 'first_name' 'except' => [], // i.e. 'password' ], 'patterns' => [ '#(http|ftp){1,1}(s){0,1}://.*#i', ], 'exceptions' => [], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_RFI_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'session' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_SESSION_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['get', 'post', 'delete'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'inputs' => [ 'only' => [], // i.e. 'first_name' 'except' => [], // i.e. 'password' ], 'patterns' => [ '@[\|:]O:\d{1,}:"[\w_][\w\d_]{0,}":\d{1,}:{@i', '@[\|:]a:\d{1,}:{@i', ], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_SESSION_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'sqli' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_SQLI_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['get', 'delete'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'inputs' => [ 'only' => [], // i.e. 'first_name' 'except' => [], // i.e. 'password' ], 'patterns' => [ '#[\d\W](union select|union join|union distinct)[\d\W]#is', '#[\d\W](union|union select|insert|from|where|concat|into|cast|truncate|select|delete|having)[\d\W]#is', ], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_SQLI_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'swear' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_SWEAR_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['post', 'put', 'patch'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'inputs' => [ 'only' => [], // i.e. 'first_name' 'except' => [], // i.e. 'password' ], 'words' => [], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_SWEAR_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], 'url' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_URL_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['all'], 'inspections' => [], // i.e. 'admin' 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_URL_AUTO_BLOCK_ATTEMPTS', 5), 'frequency' => 1 * 60, // 1 minute 'period' => 30 * 60, // 30 minutes ], ], 'whitelist' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_WHITELIST_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['all'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], ], 'xss' => [ 'enabled' => env('FIREWALL_MIDDLEWARE_XSS_ENABLED', env('FIREWALL_ENABLED', true)), 'methods' => ['post', 'put', 'patch'], 'routes' => [ 'only' => [], // i.e. 'contact' 'except' => [], // i.e. 'admin/*' ], 'inputs' => [ 'only' => [], // i.e. 'first_name' 'except' => [], // i.e. 'password' ], 'patterns' => [ // Evil starting attributes '#(<[^>]+[\x00-\x20\"\'\/])(form|formaction|on\w*|style|xmlns|xlink:href)[^>]*>?#iUu', // javascript:, livescript:, vbscript:, mocha: protocols '!((java|live|vb)script|mocha|feed|data):(\w)*!iUu', '#-moz-binding[\x00-\x20]*:#u', // Unneeded tags '#]*>?#i' ], 'auto_block' => [ 'attempts' => env('FIREWALL_MIDDLEWARE_XSS_AUTO_BLOCK_ATTEMPTS', 3), 'frequency' => 5 * 60, // 5 minutes 'period' => 30 * 60, // 30 minutes ], ], ], ];