Laravel (PHP)
Integrating ProxyTracer into a Laravel application is incredibly straightforward. By creating a standard HTTP Middleware, you can protect your entire application globally or selectively apply it to sensitive routes (like /login or /checkout).
The Middleware
Laravel’s native $request->ip() method automatically handles load balancer extraction (assuming your TrustProxies middleware is configured correctly). We use the native Http facade to query the API and drop the request if flagged.
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
use Symfony\Component\HttpFoundation\Response;
class ProxyTracerMiddleware
{
/**
* Handle an incoming request.
*/
public function handle(Request $request, Closure $next): Response
{
// 1. Extract the IP (Laravel safely handles reverse proxies automatically)
$ip = $request->ip();
// Skip local development IPs
if (!in_array($ip, ['127.0.0.1', '::1'])) {
try {
// 2. Query ProxyTracer API with a strict 500ms timeout
$response = Http::withToken(env('PROXYTRACER_API_KEY'))
->timeout(0.5)
->get("https://api.proxytracer.com/v1/check/{$ip}");
if ($response->successful()) {
// 3. Drop the connection if a proxy is detected
if ($response->json('proxy') === true) {
return response()->json([
'error' => 'Access Denied: VPN or Proxy detected.'
], 403);
}
}
} catch (\Exception $e) {
// Fail open: Log the error and allow the request to ensure uptime
Log::warning("ProxyTracer validation failed: " . $e->getMessage());
}
}
// 4. Traffic is clean, proceed to the controller
return $next($request);
}
}Configuration
Generate the middleware using php artisan make:middleware ProxyTracerMiddleware.
To apply it globally, add it to your middleware stack.
-
Laravel 11: Add it inside your
bootstrap/app.phpfile under$middleware->append(). -
Laravel 10 and below: Add it to the
$middlewarearray inside yourapp/Http/Kernel.phpfile.