Introduction 

What does the extension do? 

The Firewall extension adds a web application firewall to your TYPO3 website. It inspects every frontend request before TYPO3 processes it and can:

  • Block requests from specific IP addresses or IP ranges
  • Block requests for suspicious paths, headers, or patterns
  • Limit how often a client can call certain pages (rate limiting)
  • Ban clients temporarily after repeated abuse (like Fail2Ban)
  • Record firewall events and show statistics in the backend

Administrators manage static block patterns directly in the TYPO3 backend module. Changes take effect immediately, without a deployment.

Relation to phirewall 

The firewall engine is the open-source package flowd/phirewall. The extension wires it into TYPO3: it registers the request middleware, loads your configuration file, resolves the client IP through TYPO3, and adds the backend module and the event log.

This documentation covers everything TYPO3-specific. All engine features (rule types, stores, advanced options) are documented at https://phirewall.de/ and are used exactly the same way inside TYPO3.

Where things live 

  • Firewall configuration: config/system/phirewall.php (see Configuration)
  • Backend managed block patterns: config/system/phirewall.patterns.json (see Backend module)
  • Recorded firewall events: database table tx_firewall_event (see Statistics)