FuelPHP is a simple, flexible, community-driven PHP web framework.

Firewall in Fuel Framework


Use PHP Composer:

composer require shieldon/shieldon

This will also install dependencies required for Shieldon:



1. Before Initializing Core

In your fuel/app/bootstrap.php file, after this line:

require COREPATH.'bootstrap.php';

Add the following code:


| Run The Shieldon Firewall
| Shieldon Firewall will watch all HTTP requests coming to your website.
if (isset($_SERVER['REQUEST_URI'])) {

    // This directory must be writable.
    // We put it in the `fuel/app/tmp` directory.
    $storage = __DIR__ . '/tmp/shieldon_firewall';

    $firewall = new \Shieldon\Firewall\Firewall();

    $response = $firewall->run();

    if ($response->getStatusCode() !== 200) {
        $httpResolver = new \Shieldon\Firewall\HttpResolver();

Please ensure that $storage directory exists and is writable.

2. Define a Route for the Firewall Panel

Now, modify your fuel/app/config/routes.php file and add the following code:


'firewall/panel(:everything)' => function () {
    $panel = new \Shieldon\Firewall\Panel();

The full example might look like this:


return array(
    '_root_'  => 'welcome/index',  // The default route
    '_404_'   => 'welcome/404',    // The main 404 route

    'hello(/:name)?' => array('welcome/hello', 'name' => 'hello'),

    'firewall/panel(:everything)' => function () {
        $panel = new \Shieldon\Firewall\Panel();

That's it.

Control Panel

You can access the Firewall Panel at /firewall/panel. To view the page, go to this URL in your browser:


The default login is shieldon_user, and the password is shieldon_pass. After logging into the Firewall Panel, the first thing you should do is change the login and password.

If Shieldon Firewall is enabled in the Daemon setting section, it will start monitoring your website. Make sure you have correctly set up the settings.