A lightweight Laravel security enhancement package by Bilal Khilji — designed to add advanced licensing, authorization, and integrity protection layers to your Laravel applications.
- 🧩 Plug-and-play Laravel Service Provider
- 🪪 License validation and encryption
- 🖥️ Machine fingerprinting support
- 🌐 IP, domain, and usage tracking
- 🧱 Pre-boot protection for unauthorized copies
- ⚙️ Helper functions for secure key management
- 🪶 Zero configuration — autoloaded via Composer
- 🧩 Dynamic patch injection for
Application.phpandindex.php
Require the package via Composer:
composer require ibilalkhilji/secure-laravelThen run the migrations (this step is required):
php artisan migrateThis will create the necessary database tables for license management and usage tracking.
No manual configuration or file export is required. The package auto-registers its service provider and uses sensible defaults for most environments.
You can, however, override behavior directly through environment variables or by extending the default classes under src/.
Example:
SECURE_LARAVEL_ENDPOINT=https://your-license-server.comSecureLaravel allows you to dynamically patch your Laravel core files — like Application.php and index.php — without modifying them manually.
Simply place your patch files inside the Patches folder located at the Laravel base path:
/basepath/Patches/
├── Application.php
└── index.php
At runtime, the package automatically detects and injects these patch files, ensuring seamless updates and rollback safety.
This is particularly useful for:
- Injecting licensing validation before Laravel boot
- Enforcing pre-startup checks for unauthorized copies
- Extending bootstrap logic securely
Fallback behavior: If no dynamic patch files are provided in the Patches folder, SecureLaravel will fall back to its built-in default implementations (no changes to your core files).
You can register or verify your license key using the helper:
use Ibilalkhilji\\SecureLaravel\\Facades\\SecureLaravel;
SecureLaravel::validateLicense('YOUR-LICENSE-KEY');Get a unique hash based on system and environment data:
$fingerprint = SecureLaravel::fingerprint();Record usage meta for your application:
SecureLaravel::track([
'ip' => request()->ip(),
'user_agent' => request()->userAgent(),
]);| Function | Description |
|---|---|
secure_check() |
Validates if the app is licensed |
secure_fingerprint() |
Returns system fingerprint |
secure_encrypt($data) |
Encrypts data with package key |
secure_decrypt($data) |
Decrypts data securely |
src/
├── Facades/
├── Http/
├── Services/
├── Traits/
├── Helpers/helpers.php
└── SecurityServiceProvider.php
You can use the provided middleware to protect routes:
Route::middleware(['secure.license'])->group(function () {
Route::get('/dashboard', [DashboardController::class, 'index']);
});Bilal Khilji 📧 kbinfo4u@gmail.com 🌍 GitHub: ibilalkhilji
This package is open-sourced software licensed under the MIT license.
If you’re building a SaaS or distributed Laravel product, this package is ideal for embedding robust licensing and usage validation directly into your codebase.
v1.0.11