Hello devs,
In this Laravel tutorial, I am going to explain a way of spam or bot attack to log in to our Laravel web application. So from this example, you will learn how to find Laravel suspicious login attempts. It is the most common matter that we need to protect our site from hackers. How can we find a hacker is trying to hack our site?
So in this example, I will show you a simple way to use the package to detect Laravel suspicious login attempts using this laravel-suspicious-logins package.. There is an awesome package in Laravel and this Laravel package helps you to track your user's logins and alert when a suspicious login occurs. This package is very easy to install and easy to set up.
Now let's see how to use this package. We can install this package via composer. So run the below command to install it.
composer require adventdevinc/laravel-suspicious-logins
Now we need to publish the database migration and run migrate to apply it.
php artisan vendor:publish --provider="AdventDev\SuspiciousLogins\SuspiciousLoginsServiceProvider" --tag="migrations"
//and then
php artisan migrate
Now we need to publish the suspicious-logins.php config file and then edit it (config/suspicious-logins.php) to set your preferences.
php artisan vendor:publish --provider="AdventDev\SuspiciousLogins\SuspiciousLoginsServiceProvider" --tag="config"
php artisan vendor:publish --provider="Torann\GeoIP\GeoIPServiceProvider" --tag="config"
Now keep remembering that before using this package, we have to add \AdventDev\SuspiciousLogins\Listeners\AuthEventSubscriber::class, to the $subscribe variable in the app/Providers/EventServiceProvider.php file. If it does not exist just add the code below.
app/Providers/EventServiceProvider.php
protected $subscribe = [
\AdventDev\SuspiciousLogins\Listeners\AuthEventSubscriber::class,
];
Everything is set to go. Now we can check. See some extra commands which are related to this package.
We can clear all login attempts in the database via this command:
php artisan suspicious-logins:clear
We can Test a GeoIP lookup and Advent Reputation response for {ip} via this command:
php artisan suspicious-logins:lookup {ip}
We can prune any logins older than 30 days. We automatically add this to your daily schedule via this following command:
php artisan suspicious-logins:prune
Recommended : How to Set Limit Login Attempts in Laravel 8
Hope it can help you to make your site more secure.
#laravel #laravel-8x #laravel-suspicious-logins