Moox Firewall allows you to secure your Laravel application by restricting access to whitelisted IP addresses.
For maintenance or emergency access, you can enable a temporary backdoor using a secret access token.
Moox Firewall provides an additional security layer on top of your existing authentication mechanisms. It strengthens access control but does not replace Multi-Factor Authentication (MFA) as defined by the BSI.
Support for MFA and modern Passkeys is planned for an upcoming release, see Roadmap for more
- Application level firewall
- IP Whitelisting
- Backdoor with Token
composer require moox/firewalland publish the config, to activate and adjust Moox Firewall:
php artisan vendor:publish --tag="firewall-config"
You can configure all things in firewall.php:
return [
// Enable firewall?
'enabled' => env('MOOX_FIREWALL_ENABLED', true),
// Whitelist IP addresses
'whitelist' => array_filter(explode(',', env('MOOX_FIREWALL_WHITELIST', ''))),
// Logo to display on the firewall page
'logo' => env('MOOX_FIREWALL_LOGO', 'img/logo.png'),
// Backdoor allowed?
'backdoor' => env('MOOX_FIREWALL_BACKDOOR', true),
// Backdoor bypass token
'backdoor_token' => env('MOOX_FIREWALL_BACKDOOR_TOKEN', 'let-me-in'),
// Firewall page message
'message' => env('MOOX_FIREWALL_MESSAGE', 'Moox Firewall'),
// Firewall page color as hex
'color' => env('MOOX_FIREWALL_COLOR', 'darkblue'),
// Firewall page description
'description' => env('MOOX_FIREWALL_DESCRIPTION', 'Please enter your access token to continue.'),
];- After installation you need to global_enable the firewall
- Set config values or use your environment to adjust it to your needs
- Use the backdoor token to log in or append it to your URL like
?backdoor_token=let-me-in
See the ROADMAP for more.
Please review our security policy on how to report security vulnerabilities.
The MIT License (MIT). Please see our license and copyright information for more information.