PSR-compliant adaptive security engine for brute-force protection, abuse detection, security event tracking, high-level login-flow logic, and real-time blocking β powered by unified multi-driver architecture (MySQL, Redis, MongoDB).
Maatify Security Guard is a fully decoupled, high-performance, multi-driver security engine for:
- Brute-force attack protection
- Credential stuffing detection
- IP reputation & abuse control
- Distributed attack throttling
- Audit-grade event tracking (Phase 4)
- High-level login-flow decisions + auto-blocking (Phase 5)
The engine integrates seamlessly with:
- Native PHP
- Slim Framework
- Laravel
- Custom API Gateways
- Microservices
All storage is abstracted via:
- maatify/data-adapters β Real MySQL / Redis / MongoDB
- maatify/data-fakes β Deterministic testing engine
The library guarantees:
β Zero vendor lock β Zero direct database clients β Perfect testability β Realβfake execution symmetry
π Full technical documentation:
β‘οΈ docs/README.full.md
- MySQLSecurityGuard
- RedisSecurityGuard
- MongoSecurityGuard
Each driver operates strictly through the unified AdapterInterface.
- SecurityEventDTO
- EventFactory
- Extensible Actions/Platforms
- Null / Sync / PSR Logger Dispatchers
- Automatic event emission from service
Security Guard now includes built-in login-flow intelligence:
handleAttempt()API- Automatic blocking after threshold
- Automatic reset on success
- Remaining block time reporting
- Runtime
SecurityConfig - Dispatching event metadata for all decisions
- Ready for future analytics layers
composer require maatify/security-guard$svc = new SecurityGuardService($adapter, $identifier);$result = $svc->handleAttempt($dto, success: false);
if ($result === null) {
echo "Login successful β attempts reset.";
} elseif (is_int($result)) {
echo "Failure count = {$result}";
} else {
echo "User blocked β remaining {$result} seconds.";
}$count = $svc->recordFailure($dto);$svc->setEventDispatcher(
new SyncDispatcher([
fn(SecurityEventDTO $e) => error_log("SECURITY EVENT: " . json_encode($e)),
])
);$svc->block(
new SecurityBlockDTO(
ip: '192.168.1.10',
subject: 'user@example.com',
type: BlockTypeEnum::MANUAL,
expiresAt: time() + 3600,
createdAt: time()
)
);$event = SecurityEventFactory::custom(
action: SecurityAction::custom('password_reset'),
platform: SecurityPlatform::custom('api'),
ip: '192.168.1.10',
subject: 'user@example.com',
context: ['method' => 'email']
);
$svc->handleEvent($event);- Adaptive brute-force handling
- Distributed blocking system
- Manual & automatic block control
- LoginAttemptDTO
- SecurityBlockDTO
- SecurityEventDTO
- MySQL
- Redis
- MongoDB
- Factory-based event normalization
- Pluggable dispatchers
- Extensible actions & platforms
- Auto-blocking
- Success reset
- Remaining block time
- Config-driven thresholds
- Decision-level event emission
- Fake drivers through
maatify/data-fakes - 100% deterministic behavior
Application
β
SecurityGuardService (Phase 5 logic)
β
SecurityEventFactory β Dispatchers
β
SecurityGuard Drivers
β
maatify/data-adapters | maatify/data-fakes
- π Full Documentation β
docs/README.full.md - π¬ Examples β
examples/Examples.md - π§Ύ Changelog β
CHANGELOG.md - π Security Policy β
SECURITY.md
π Development Roadmap & Phase Plan
- Phase 1 β Environment Setup
- Phase 2 β Core Architecture & DTOs
- Phase 3 β Driver Implementations (MySQL / Redis / MongoDB)
- Phase 4 β Unified Event System + Dispatchers
- Phase 5 β High-Level Logic & Auto-Blocking Engine
- Phase 6 β Audit System
- Phase 7β14 β Monitoring, Webhooks, SIEM
| Phase | Description | Status |
|---|---|---|
| 1 | Environment Setup | β Completed |
| 2 | Core Architecture & DTOs | β Completed |
| 3 | Driver Implementations | β Completed |
| 4 | Event System & Dispatchers | β Completed |
| 5 | High-Level Logic & Auto-Blocking Engine | β Completed |
| 6 | Audit System | β³ Pending |
| 7β14 | Monitoring, Webhooks, SIEM | β³ Pending |
composer testMIT License Β© Maatify.dev
Developed by Mohamed Abdulalim https://www.maatify.dev
Built with β€οΈ by Maatify.dev