php-commerce/Services
Snider c169f4161f security(webhooks): add per-IP rate limiting for webhook endpoints (P2-075)
Add WebhookRateLimiter service with IP-based rate limiting for webhook
endpoints to prevent rate limit exhaustion attacks against legitimate
payment webhooks.

Changes:
- Add WebhookRateLimiter service with per-IP tracking
- Default: 60 req/min for unknown IPs, 300 req/min for trusted gateway IPs
- Support CIDR ranges for IP allowlisting
- Configure via commerce.webhooks.rate_limits and trusted_ips
- Update BTCPayWebhookController and StripeWebhookController
- Return proper 429 responses with Retry-After headers
- Replace global throttle:120,1 middleware with granular controls
- Add comprehensive tests for rate limiting behaviour

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 18:11:02 +00:00
PaymentGateway security(webhooks): add per-IP rate limiting for webhook endpoints (P2-075) 2026-01-29 18:11:02 +00:00
CheckoutRateLimiter.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
CommerceService.php security: add fraud scoring integration and coupon code sanitisation 2026-01-29 13:14:47 +00:00
ContentOverrideService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
CouponService.php security: add fraud scoring integration and coupon code sanitisation 2026-01-29 13:14:47 +00:00
CreditNoteService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
CurrencyService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
DunningService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
FraudService.php security: complete rate limiting and fraud service implementation (P1-040) 2026-01-29 16:09:29 +00:00
InvoiceService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
PaymentMethodService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
PermissionLockedException.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
PermissionMatrixService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
PermissionResult.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
ProductCatalogService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
ProrationResult.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
ReferralService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
RefundService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
SkuBuilderService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
SkuLineageService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
SkuParserService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
SubscriptionService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
TaxService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
UsageBillingService.php refactor: update Tenant module imports after namespace migration 2026-01-27 17:39:12 +00:00
WarehouseService.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
WebhookLogger.php refactor: migrate namespace from Core\Commerce to Core\Mod\Commerce 2026-01-27 16:23:12 +00:00
WebhookRateLimiter.php security(webhooks): add per-IP rate limiting for webhook endpoints (P2-075) 2026-01-29 18:11:02 +00:00