Strict Domain Checking for Laravel

Strict Domain Checking for Laravel ensures seamless redirection to a specified domain, optimizing security and user experience within Laravel applications.

View the Project on GitHub ByteFlick/laravel-strict-domain

Strict Domain Checking for Laravel

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

Strict Domain Checking for Laravel is a lightweight package designed to seamlessly integrate with Laravel applications, providing a simple solution for domain-based redirection. With this package, you can ensure that incoming traffic to your Laravel application is redirected to a specified domain if the requesting domain doesn’t match the configured domain. By implementing a customizable middleware, developers can easily enforce domain consistency, enhancing security and user experience. Whether managing multiple domains or enforcing branding standards, this package offers a flexible and efficient solution for domain redirection within Laravel applications.

Installation

You can install the package via composer:

composer require byteflick/laravel-strict-domain

You can publish the config file with (Optional):

php artisan vendor:publish --provider="ByteFlick\LaravelStrictDomain\LaravelStrictDomainServiceProvider"

This is the contents of the published config file:

return [
    'include_sub_domains' => true,
    'domain' => env('APP_DOMAIN', 'localhost.com'),
];

Usage

Step 1: Configure the Environment

You need to add an environment variable called APP_DOMAIN to your .env file. The value of this variable is used for validating the incoming traffic.

APP_DOMAIN=localhost.com

Step 2: Apply the Middleware

2.1 Redirecting External Traffic

If you want to redirect incoming traffic to your application from other domain/hosts to your own then you can use RedirectExternalTraffic middleware. This is useful when you want to redirect all the traffic from johndoe.com ( referrer domain) and other domains/hosts to janedoe.com (your designated domain).

On Specific Routes Only

You can add the middleware to individual routes or apply it via a route group.

Globally For Laravel 11

Append the middleware to your default middlewares into your bootstrap/app.php via the code below to redirect all external traffic outside your designated host to your designated host.

->withMiddleware(function (Middleware $middleware) {
     $middleware->append(\ByteFlick\LaravelStrictDomain\Middlewares\RedirectExternalTraffic::class);
})
Globally For Laravel 10

Add the middleware to your default middlewares into your App\Http\Kernel.php via the code below to redirect all external traffic outside your designated host to your designated host.

protected $middleware = [
    \ByteFlick\LaravelStrictDomain\Middlewares\RedirectExternalTraffic::class,
];

2.2 Blocking External Traffic

If you want to block incoming traffic to your application from other domain/hosts to your own then you can use BlockExternalTraffic middleware. This is useful when you want to allow traffic from janedoe.com but block johndoe.com and others to your application.

On Specific Routes Only

You can add the middleware to individual routes or apply it via a route group.

Globally For Laravel 11

Append the middleware to your default middlewares into your bootstrap/app.php via the code below to block all external traffic outside your designated host.

->withMiddleware(function (Middleware $middleware) {
     $middleware->append(\ByteFlick\LaravelStrictDomain\Middlewares\BlockExternalTraffic::class);
})
Globally For Laravel 10

Add the middleware to your default middlewares into your App\Http\Kernel.php via the code below to block all external traffic outside your designated host.

protected $middleware = [
    \ByteFlick\LaravelStrictDomain\Middlewares\BlockExternalTraffic::class,
];

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.