
noobsec/antiscanscanclub-laravel

Composer install command:

composer require noobsec/antiscanscanclub-laravel

Package description

A Laravel Package to Block Automated Scanners from Scanning your Site

README


A Laravel Package to Block Automated Scanners from Scanning your Site.


Installation

$ composer require noobsec/antiscanscanclub-laravel
  • Please keep this package up to date with the latest commit:
$ composer require noobsec/antiscanscanclub-laravel:dev-master

Laravel 5+

Setup

  1. Publish the config file
$ php artisan vendor:publish --provider="noobsec\AntiScanScanClub\AntiScanScanClubServiceProvider"
  2. Create middleware
$ php artisan make:middleware AntiScanScanMiddleware

Configuration

  1. Add ASSC_LIST to the .env file:

NOTE: The blacklists file will be stored in the storage/app/ path.

ASSC_LIST="blacklists.json"
  2. Edit the AntiScanScanMiddleware file (app/Http/Middleware/AntiScanScanMiddleware.php) so that it looks roughly like this:
<?php

namespace App\Http\Middleware;

use Closure;
use noobsec\AntiScanScanClub\AntiScanScanClub;

class AntiScanScanMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $ASSC = new AntiScanScanClub();
        $blocker = TRUE;

        // Check whether the client IP has already been blocked
        $ASSC->checkIp($request->ip());

        if ($request->isMethod('GET') && $request->getQueryString() === NULL) {
            /**
             * GET request without a query string: prevent access to
             * credentials and/or important files/paths
             * (e.g. wp-admin.php, .git/, backups.tar.gz, www.sql)
             */

            $ASSC->filterFile($request->getPathInfo(), $blocker, $request->ip());
        } else {
            // Any other request: check the input against the filter rules
            $ASSC->filterInput($request->all(), $blocker, $request->ip());
        }

        return $next($request);
    }
}
  3. Add the middleware to the global HTTP middleware stack by editing the Kernel file (app/Http/Kernel.php):
    protected $middleware = [
        // ... existing middleware ...
        \App\Http\Middleware\AntiScanScanMiddleware::class,
    ];

Usage

  • Init AntiScanScanClub source
use noobsec\AntiScanScanClub\AntiScanScanClub;

$ASSC = new AntiScanScanClub();
  • Check whether the client IP has been blocked or not
$clientIp = '127.0.0.1';

var_dump($ASSC->checkIp($clientIp)); // @return void/bool
  • Add client IP to the blacklists file
$clientIp = '127.0.0.1';
$attack_type = 'Added manually';

var_dump($ASSC->addToBlacklisted($clientIp, $attack_type)); // @return bool
  • Prevention of illegal input based on filter rules
$data = [
    "input" => "Test payload",
    "textarea" => "<object/onerror=write`1`//"
];
$blocker = TRUE;
$clientIp = '127.0.0.1';

$ASSC->filterInput($data, $blocker, $clientIp); // @return void/bool
  • Prevention of access to credentials and/or important files/paths

e.g. wp-admin.php, .git/, backups.tar.gz, www.sql (see many more in filter_files.txt)

$url = "/wp-admin.php";
$blocker = TRUE;
$clientIp = '127.0.0.1';

$ASSC->filterFile($url, $blocker, $clientIp); // @return void/bool
  • Remove client IP from the blacklists file
$clientIp = '127.0.0.1';

var_dump($ASSC->removeFromBlacklists($clientIp)); // @return bool
  • Purge and/or clean all client IPs from the blacklists file
var_dump($ASSC->purgeBlacklistsFile()); // @return bool
  • Whitelisting one file/path from filterFile() rejection
var_dump($ASSC->whitelistFile('wp-admin.php')); // @return bool
  • Whitelisting all public files recursively from filterFile() rejection
var_dump($ASSC->whitelistPublicFiles()); // @return array
  • Whitelisting the URIs of all registered routes from filterFile() rejection
var_dump($ASSC->whitelistAllRoutes()); // @return array
  • Add a file and/or path to filterFile() rejection
$file = "api/adminLists";

var_dump($ASSC->addToFilterFiles($file)); // @return integer/bool
  • Restoring filterFile() rules to default
var_dump($ASSC->restoreFilterFiles()); // @return bool

NOTE

  • If you call the filterInput() and/or filterFile() methods, you no longer need to call the addToBlacklisted() method.
  • If you want to call the whitelistFile(), whitelistPublicFiles() and/or whitelistAllRoutes() methods, make sure they are called before the filterFile() and/or searchIp() methods (or comment those methods out; please check the middleware).
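
To satisfy the ordering requirement in the note above, the whitelist calls can be run once at deploy time instead of inside the middleware. The following is an added example, not code from the package or its README: the command class, its `assc:whitelist` signature and the `--restore` option are hypothetical, and it assumes whitelist changes persist in the package's filter rules file between requests.

```php
<?php

namespace App\Console\Commands;

use Illuminate\Console\Command;
use noobsec\AntiScanScanClub\AntiScanScanClub;

/**
 * Hypothetical deploy-time command (not part of the package).
 * Assumption: whitelist changes persist in the filter rules file, so they
 * are already in place when the middleware later calls filterFile().
 */
class AsscWhitelist extends Command
{
    protected $signature = 'assc:whitelist {--restore : Reset filterFile() rules to default first}';

    protected $description = 'Whitelist registered routes and public files from filterFile() rejection';

    public function handle()
    {
        $ASSC = new AntiScanScanClub();

        // Optionally start from the default rule set so stale entries are dropped.
        if ($this->option('restore') && !$ASSC->restoreFilterFiles()) {
            $this->error('Could not restore the default filterFile() rules.');
            return 1;
        }

        // Both calls return an array according to the README.
        $routes = (array) $ASSC->whitelistAllRoutes();
        $files  = (array) $ASSC->whitelistPublicFiles();

        $this->info(sprintf(
            'Whitelisted %d route URIs and %d public files.',
            count($routes),
            count($files)
        ));

        return 0;
    }
}
```

Run `php artisan assc:whitelist` after each deployment that adds routes or public files; on Laravel versions that do not auto-discover commands, register the class in the `$commands` array of app/Console/Kernel.php.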

Changelog

Please see the CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING.md for details.

Security

If you discover any security related issues, please email root@noobsec.org instead of using the issue tracker.

Credits

Supporting Materials

License

license. Please see the LICENSE file for more information.

Version

Current version is 2.0.3 and still in development.

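Statistics

  • Total downloads: 88
  • Monthly downloads: 0
  • Daily downloads: 0
  • Favorites: 21
  • Clicks: 0
  • Dependent projects: 0
  • Recommendations: 0

GitHub information

  • Stars: 21
  • Watchers: 3
  • Forks: 11
  • Language: PHP

Other information

  • License: MIT
  • Updated: 2018-10-14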
