PHP Brute Force Protection: Protect pages access against brute force attacks

Recommend this page to a friend!
  Info   Documentation   View files (18)   Download .zip   Reputation   Support forum   Blog    
Ratings Unique User Downloads Download Rankings
Not enough user ratingsTotal: 193 This week: 1All time: 8,368 This week: 255
Version License PHP version Categories
brutalforce 1.0.1The PHP License5PHP 5, Security
Description Author

This package can protect pages access against brute force attacks.

It can track and store in a file the number of repeated accesses from users of the same IP address.

When the accesses exceed a given limit, a form is presented with a CAPTCHA form using Recaptcha.

Picture of rodrigomanara
  Performance   Level  
Name: rodrigomanara <contact>
Classes: 1 package by
Country: United Kingdom
Age: 39
All time rank: 4055169 in United Kingdom
Week rank: 243 7 in United Kingdom


Latest Stable Version Total Downloads License composer.lock Build Status


  • Repository:
  • Version:

    composer require rmanara/brutalforce

Brute-Force method is used from many hackers but the <b>brutalforce</b> will help you void this problem by check the client IP and will count how many request in less than a 2 seconds how many request was done. Automaticly a file will be create and saved that ip and will save for futures request.

It is very simple setup and can be used in any frameworks.

very simple setup

$firewall = new BrutalForce\Firewall\Firewall(__DIR__, "sitekey", "secret");

specify type of handler


check if the firewall is locked

if ($firewall->isLocked()) {
    // here you check the recaptcha is already able to display
    if ($firewall->verify()->recaptcha['valid'] == false) {
        echo "<form method='post' action=''>";
        // diplay message 
        echo $firewall->verify()->recaptcha['form_message'];
        // show input
        echo $firewall->verify()->recaptcha['form'];
        echo "<button>send</button></form>";
    } else {
        echo $firewall->verify()->recaptcha['form_message']; PHP_EOL;
} else {
    echo "free to go" . PHP_EOL;

Reset the lock completely to original

by doing this the cound down will start from zero and the recaptcha will be called again from the last 3 counts



  • found issue on setup the file and folder to holder the ip


  • add new method to reset lock
  • remove setup file on handler
  • add request uri so the full url is recored and can be redirect to it if is need to
File Role Description
src (1 directory)
tests (1 file, 1 directory)
.travis.yml Data Auxiliary data
composer.json Data Auxiliary data
composer.lock Data Auxiliary data
phpunit.xml Data Auxiliary data Doc. Documentation

  Files  /  src  
File Role Description
BrutalForce (4 directories)

  Files  /  src  /  BrutalForce  
File Role Description
Component (2 files)
FileManager (1 file)
Firewall (3 files)
Handler (4 files)

  Files  /  src  /  BrutalForce  /  Component  
File Role Description
   CheckTime.php Class Class source
   RequestWrapper.php Class Class source

  Files  /  src  /  BrutalForce  /  FileManager  
File Role Description
   File.php Class Class source

  Files  /  src  /  BrutalForce  /  Firewall  
File Role Description
   Firewall.php Class Class source
   Holder.php Class Class source
   interfaceFirewall.php Class Class source

  Files  /  src  /  BrutalForce  /  Handler  
File Role Description
   ByAbstract.php Class Class source
   byFile.php Class Class source
   ByInterface.php Class Class source
   HandlerInterface.php Class Class source

  Files  /  tests  
File Role Description
BrutalForce (2 files)
   bootstrap.php Aux. Auxiliary script

  Files  /  tests  /  BrutalForce  
File Role Description
   ByFileTest.php Class Class source
   FirewallTest.php Class Class source

 Version Control Unique User Downloads Download Rankings  
This week:1
All time:8,368
This week:255

For more information send a message to info at phpclasses dot org.