1. Description
PHPFirewall is a tool to allow or block connections to your web resource based on IP address. The IP address details are either retrieved from a local database or by making API calls to IP2Location.io.
A typical network firewall is placed at the perimeter of the network, before the internet router, to filter any incoming or outgoing traffic. Over the years, firewalls have advanced from being just layer 3/4 networking devices to inspecting packets and then, depending on the policy, dropping the packet or stream of packets coming from a particular source.
The PHPFirewall application does not do any layer 7 (application layer) inspection. It is a simple firewall that can be placed between the internet and the web resource that you want to protect. It can be deployed on the same server, or it can sit elsewhere in the network as a firewall on a stick to process requests coming from multiple web server applications.
The main idea was to make use of the IP2Location API information to allow or block traffic coming from a specific country, state or city, without the need to add all IP addresses to the database. In addition to filtering geographically defined addresses, you can use this firewall locally to filter traffic within your network by host or network address.
With a layer 3 firewall, a device (like a Cisco ASA, a Juniper firewall, etc.) or software (like iptables on Linux) acts as the firewall. With PHPFirewall, your resource entry point becomes the firewall and, as per the policies defined on PHPFirewall, your script, which can be index.php or any PHP file, blocks or allows connections. See the following diagram:
Shown above is a simple example of how you would place the PHPFirewall application in your network. As mentioned in the detailed description, your application acts as the firewall; PHPFirewall just stores the policies that you define and, as per those policies, suggests whether the IP is allowed or blocked.
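The decision flow described above (host, network and country policies, enforced by the entry script) can be sketched as follows. This is an added example, not PHPFirewall's own code: the rule format, the `inNetwork()` and `decide()` names and the `$geoLookup` callable are assumptions, it handles IPv4 only, and it chooses to block when the geolocation lookup fails.

```php
<?php
declare(strict_types=1);
// Hypothetical rule format (not PHPFirewall's schema); first match wins.
// All addresses and lookup results below are constructed sample data.
const RULES = [
    ['type' => 'host',    'value' => '192.0.2.10',      'action' => 'allow'],
    ['type' => 'network', 'value' => '198.51.100.0/24', 'action' => 'block'],
    ['type' => 'country', 'value' => 'US',              'action' => 'allow'],
];
// True when the IPv4 address $ip lies inside $cidr, e.g. 198.51.100.0/24.
function inNetwork(string $ip, string $cidr): bool
{
    [$net, $bits] = explode('/', $cidr) + [1 => '32'];
    $ipLong = ip2long($ip);
    $netLong = ip2long($net);
    if ($ipLong === false || $netLong === false || !ctype_digit($bits) || (int) $bits > 32) {
        return false;
    }
    $mask = -1 << (32 - (int) $bits);
    return ($ipLong & $mask) === ($netLong & $mask);
}
// Returns 'allow' or 'block'. $geoLookup stands in for the local-database or
// API lookup: it returns a country code, or null when the lookup fails.
function decide(string $ip, array $rules, callable $geoLookup, string $default = 'block'): string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return 'block'; // malformed input never passes
    }
    $country = false; // false = not looked up yet
    foreach ($rules as $rule) {
        switch ($rule['type']) {
            case 'host':    $hit = $ip === $rule['value']; break;
            case 'network': $hit = inNetwork($ip, $rule['value']); break;
            case 'country':
                if ($country === false) { $country = $geoLookup($ip); }
                if ($country === null) { return 'block'; } // fail closed
                $hit = $country === $rule['value'];
                break;
            default:        $hit = false;
        }
        if ($hit) { return $rule['action']; }
    }
    return $default;
}
// In index.php the address would come from $_SERVER['REMOTE_ADDR'].
$geo = fn(string $ip): ?string => ['203.0.113.7' => 'US', '203.0.113.9' => 'FR'][$ip] ?? null;
foreach (['192.0.2.10', '198.51.100.77', '203.0.113.7', '203.0.113.9', '203.0.113.200'] as $ip) {
    printf("%-15s %s\n", $ip, decide($ip, RULES, $geo));
}
```

When the decision is made on a separate host for several web servers, each web server has to pass along the peer address it observed itself; a client-supplied header such as X-Forwarded-For is not a trustworthy source for it.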