All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
The public API of this library consists of all public or protected methods, properties and constants belonging to the src folder.
As far as possible, we try to adhere to Symfony guidelines when deciding whether a change is a breaking change or not.
4.3.1 - 2026-02-16
- Fix deprecation warnings in PHP 8.5
4.3.0 - 2025-04-30
- Add
hasBaasUrimethod to detect if the bouncer is connected to a Block As A Service Lapi - Add
resetUsageMetricsmethod to reset the usage metrics cache item
4.2.0 - 2025-01-31
- Allow Monolog 3 package and Symfony 7 packages
4.1.0 - 2025-01-10
- Do not save origins count when the bouncer does not bounce the IP, due to business logic. This avoids sending a "processed" usage metrics to the LAPI when the IP is not bounced at all.
4.0.0 - 2025-01-09
- Add
pushUsageMetricsmethod toAbstractBouncerclass - Save origins count item in cache after a remediation has been applied
- Breaking change:
AbstractBouncer::getRemediationForIpmethod returns now an array withremediationandoriginkeys. - Breaking change:
$remediationEngineparams ofAbstractBouncerconstructor is now aLapiRemediationEngineinstance - Breaking change:
AbstractBouncer::getAppSecRemediationForIpdon't need$remediationEngineparam anymore - Breaking change:
AbstractBouncer::handleRemediationrequires a neworiginparam - Update
crowdsec/remediation-enginedependency tov4.0.0
- Breaking change: Remove
bouncing_levelconstants and configuration as it is now incrowdsec/remediation-enginepackage
3.2.0 - 2024-10-23
- Add protected
buildRequestRawBodyhelper method toAbstractBouncerclass
3.1.0 - 2024-10-18
- Update
crowdsec/remediation-enginedependency tov3.5.0(appsec_max_body_size_kbandappsec_body_size_exceeded_actionsettings)
3.0.0 - 2024-10-04
- Add AppSec support
- Add
use_appsecconfiguration
- Breaking change: Add abstract methods that must be implemented to use AppSec:
getRequestHostgetRequestHeadersgetRequestRawBodygetRequestUserAgent
bounceCurrentIpmethod asks for AppSec remediation ifuse_appsecis true and IP remediation isbypass- Update
crowdsec/commondependency tov2.3.0 - Update
crowdsec/remediation-enginedependency tov3.4.0
- Breaking change: Remove
DEFAULT_LAPI_URLconstant as it already exists incrowdsec/lapi-clientpackage
2.2.0 - 2024-06-20
- Change the visibility of
AbstractBouncer::getBanHtmlandAbstractBouncer::getCaptchaHtmltoprotectedto enable custom html rendering implementation
2.1.0 - 2023-12-14
- Update
gregwar/captchafrom1.2.0to1.2.1and remove override fixes - Update
crowdsec/commondependency tov2.2.0(api_connect_timeoutsetting) - Update
crowdsec/remediation-enginedependency tov3.3.0(api_connect_timeoutsetting)
2.0.0 - 2023-04-13
- Update
gregwar/captchafrom1.1.9to1.2.0and remove some override fixes
- Remove all code about standalone bouncer
1.4.0 - 2023-03-30
- Do not rotate log files of standalone bouncer
1.3.0 - 2023-03-24
- Use
crowdsec/remediation-engine^3.1.1instead of^3.0.0 - Use Redis and PhpFiles cache without cache tags
1.2.0 - 2023-03-09
- Use
crowdsec/remediation-engine^3.0.0instead of^2.0.0
- Add a script to prune cache with a cron job (Standalone bouncer)
1.1.1 - 2023-02-16
- Fix log messages for captcha remediation
1.1.0 - 2023-02-16
- Add more log messages during bouncing process
1.0.1 - 2023-02-10
- Update
AbstractBouncer::testCacheConnectionmethod to throw an exception for Memcached if necessary
1.0.0 - 2023-02-03
- Change version to
1.0.0: first stable release - Update
crowdsec/remediation-engineto a new major version 2.0.0 - Use
crowdsec/commonpackage as a dependency for code factoring
- Add public API declaration
0.36.0 - 2023-01-26
- Breaking changes: All the code has been refactored to use
crowdsec/remediation-enginepackage:- Lot of public methods have been deleted or replaced by others
- A bouncer should now extend an
AbstractBouncerclass and implements some abstract methods - Some settings names have been changed
0.35.0 - 2022-12-16
- Set default timeout to 120 and allow negative value for unlimited timeout
0.34.0 - 2022-11-24
- Do not cache bypass decision in stream mode
- Replace unauthorized chars by underscore
_in cache key
- Add compatibility with PHP 8.2
- Fix decision duration parsing when it uses milliseconds
0.33.0 - 2022-11-10
- Do not use tags for
memcachedas it is discouraged
- In stream mode, a clean IP decision (
bypass) was not cached at all. The decision is now cached for ten years as expected
0.32.0 - 2022-09-29
- Refactor for coding standards (PHPMD, PHPCS)
0.31.0 - 2022-09-23
- Use Twig as template engine for ban and captcha walls
0.30.0 - 2022-09-22
- Update
symfony/cacheandsymfony/configdependencies requirement
0.29.0 - 2022-08-11
- Add TLS authentication feature
0.28.0 - 2022-08-04
- Breaking change: Rename
ClientAbstractclass toAbstractClient - Hide
api_keyin log
- Add
disable_prod_logconfiguration
0.27.0 - 2022-07-29
- Breaking change: Modify
getBouncerInstanceandinitsignatures
- Fix wrongly formatted range scoped decision retrieving
- Fix cache updated decisions count
0.26.0 - 2022-07-28
- Breaking change: Modify all constructors (
Bouncer,ApiCache,ApiClient,RestClient) to use only configurations and logger as parameters - Use
shouldBounceCurrentIpmethod of Standalone before bouncer instantiation - Breaking change: Modify
initLoggermethod
0.25.0 - 2022-07-22
- Add a
use_curlsetting to make LAPI rest requests withcURLinstead offile_get_contents
0.24.0 - 2022-07-08
- Add a
configsattribute to Bouncer class
0.23.0 - 2022-07-07
- Add test configuration to mock IPs and proxy behavior
0.22.1 - 2022-06-03
- Handle custom error handler for Memcached tag aware adapter
0.22.0 - 2022-06-02
- Add configurations for captcha and geolocation variables cache duration
- Breaking change: Use cache instead of session to store captcha and geolocation variables
- Breaking change: Use symfony cache tag adapter
- Change
geolocation/save_in_sessionsetting intogeolocation/save_result
- Fix deleted decision count during cache update
0.21.0 - 2022-04-15
- Change allowed versions of
symfony/cachepackage
0.20.1 - 2022-04-07
- Handle old lib version (
< 0.14.0) settings values retro-compatibility for Standalone bouncer
- Fix
AbstractBounce:displayCaptchaWallfunction
0.20.0 - 2022-03-31
- Require a minimum of 1 for
clean_ip_cache_durationandbad_ip_cache_durationsettings - Do not use session for geolocation if
save_in_sessionsetting is not true.
0.19.0 - 2022-03-24
- Add
excluded_urisconfiguration to exclude some uris (was hardcoded to/favicon.ico)
- Change the redirection after captcha resolution to
/(was$_SERVER['REQUEST_URI']')
- Fix Standalone bouncer session handling
0.18.0 - 2022-03-18
- Breaking change: Change
trust_ip_forward_arraysymfony configuration node to an array of array.
0.17.1 - 2022-03-17
- Remove testing scripts for quality gate test
0.17.0 - 2022-03-17
- Breaking change: Refactor some logic of important methods (
init,run,safelyBounce,getBouncerInstance) - Breaking change: Change the configurations' verification by using
symfony/configlogic whenever it is possible - Breaking change: Change scripts path, name and content (specifically auto-prepend-file' scripts and settings)
- Breaking change: Change
IBounceinterface - Breaking change: Rename
StandAloneBounceclass byStandaloneBounce - Rewrite documentations
- Fix
api_timeoutconfiguration
- Remove all unmaintained test and development docker files, sh scripts and associated documentation
- Remove
StandaloneBounce::isConfigValidmethod as all is already checked
0.16.0 - 2022-03-10
- Add geolocation feature to get remediation from
Countryscoped decisions (using MaxMind databases) - Add end-to-end tests GitHub action
- Add GitHub action to check links in markdown and update TOC
- Breaking change: Remove
live_modeoccurrences and usestream_modeinstead - Change PHP scripts for testing examples (auto-prepend, cron)
- Update docs
- Fix debug log in
no-devenvironment - Fix empty logs in Unit Tests
0.15.0 - 2022-02-24
- Add tests for PHP 8.1 (memcached is excluded)
- Add GitHub action for Release process
- Add
CHANGELOG.md
- Use
BouncerExceptionfor some specific errors
- Fix auto-prepend script: set
debug_modeanddisplay_errorsvalues before bouncer init - Fix
gregwar/captchafor PHP 8.1 - Fix BouncerException arguments in
set_error_handlermethod
- Remove
composer.lockfile
0.14.0 - 2021-11-18
- Breaking change: Fix typo in constant name (
boucing=>bouncing) - Allow older versions of symfony config and monolog
- Split debug logic in 2 : debug and display
- Redirect if captcha is resolved
- Update doc and scripts
0.13.3 - 2021-09-21
- Fix session handling with standalone library
0.13.2 - 2021-08-24
- Handle invalid ip format
0.13.1 - 2021-07-01
- Close php session after bouncing
0.13.0 - 2021-06-24
- Fix standalone mode
0.12.0 - 2021-06-24
- Add standalone mode
0.11.0 - 2021-06-24
- Add a
Bounceclass to simplify specific implementations - Add a
Standaloneimplementation of theBounceclass
0.10.0 - 2021-01-23
- Add Ipv6 support
0.9.0 - 2021-01-13
- Add custom remediation templates
0.8.6 - 2021-01-05
- Fix version bump
0.8.5 - 2021-01-05
- Fix memcached edge case with long duration cache (unwanted int to float conversion)
0.8.4 - 2020-12-26
- Fix fallback remediation
0.8.3 - 2020-12-24
- Do not set expiration limits in stream mode
0.8.2 - 2020-12-23
- Fix release process
0.8.1 - 2020-12-22
- Fix release process
0.8.0 - 2020-12-22
- Add redis+memcached test connection
0.7.0 - 2020-12-22
- Make crowdsec mentions hidable
- Add phpcs
- Update doc
- Make a lint pass
- Fix fallback remediation
0.6.0 - 2020-12-20
- Remove useless dockerfiles
0.5.2 - 2020-12-19
- Update docs
0.5.1 - 2020-12-19
- Make a lint pass
0.5.0 - 2020-12-19
- Add cache expiration for bad ips
- Include the GregWar Captcha generation lib
- Build nice 403 and captcha templates
- Log captcha resolutions
- Use the latest CrowdSec docker image
- Use the "context" psr log feature for all logs to allow them to be parsable.
- Remove useless predis dependence
0.4.4 - 2020-12-15
- Improve logging
0.4.3 - 2020-12-13
- Improve logging
0.4.2 - 2020-12-12
- Fix durations bug
0.4.1 - 2020-12-12
- Use GitHub flow
0.4.0 - 2020-12-12
- Add release drafter
- Reduce cache durations
- Add remediation fallback
0.3.0 - 2020-12-09
- Set PHP Files cache adapter as default
- Replace phpdoc template with phpdocmd
- Improve documentation add examples and a complete guide.
- Auto warmup cache
0.2.0 - 2020-12-08
- Initial release