@extends('admin.firewallplus.layout', ['fwpTab' => 'settings']) @section('fwp_title') Firewall-Plus: Settings @endsection @section('fwp_subtitle') Global limits, SMART defaults & webhooks @endsection @section('fwp') @if (session('success'))
{{ session('success') }}
@endif @if (session('warnings'))
Saved with warnings:
@endif @if ($errors->any())
Could not save:
@endif @php $val = fn (string $key, $default = null) => old($key, $settings[$key] ?? $default); $hasErr = fn (string $field) => $errors->has($field) ? ' has-error' : ''; $webhookSelected = old('webhook_events', $settings['webhook_events'] ?? []); if (!is_array($webhookSelected)) $webhookSelected = []; @endphp
@csrf
{{-- ═══════════════ GENERAL ═══════════════ --}}

Shown once, before a user activates Firewall-Plus on their first server. Plain text only - no HTML. Leave empty to skip this step entirely.

@error('tos_text')

{{ $message }}

@enderror
{{-- AbuseIPDB feature toggle --}}

Uncheck to globally disable the AbuseDB tab in the user panel. Users will not see the tab or be able to perform lookups until re-enabled.

Currently {{ number_format($abusedb_saved_count ?? 0) }} saved lookup record(s) stored.

Deletes all saved AbuseIPDB results from storage. Cannot be undone.

days

Pruned daily by firewall-plus:prune-audit-logs. 90 days is a good default; lower this if your database grows too fast.

@error('audit_retention_days')

{{ $message }}

@enderror

Changing this takes effect on the next node ping cycle.

@error('log_level')

{{ $message }}

@enderror
seconds

Default: 60 (once per minute). Example: 120 for a 2-minute cadence.

@error('node_ping_interval_seconds')

{{ $message }}

@enderror
{{-- ═══════════════ LIMITS ═══════════════ --}}

These caps are enforced on every save - users cannot exceed them. The node also re-checks them on apply so direct API calls cannot bypass them.

Maximums per server

Example: 100. Most servers need fewer than 20.

@error('max_rules_per_server')

{{ $message }}

@enderror

Example: 500. Stored in an ipset - 10,000 entries is still fast.

@error('max_whitelist_entries')

{{ $message }}

@enderror

Example: 500. Same ipset performance as whitelist.

@error('max_blacklist_entries')

{{ $message }}

@enderror

Example: 100. Oldest entries must be deleted when full.

@error('max_abusedb_saved_lookups')

{{ $message }}

@enderror

Rule value bounds

These control the allowed range for each field inside a rule. Example: a rate-limit rule's "packets/second" field can be capped to 1–10,000.

@foreach ($rule_value_bounds as $ruleType => $block)
{{ $block['label'] }} ({{ $ruleType }})
@foreach ($block['fields'] as $fieldKey => $spec)
{{ $spec['label'] }} @if (($spec['kind'] ?? 'int') === 'rate') - rate string like 50/second; min/max apply to the numeric part. @endif
@endforeach
@endforeach
{{-- ═══════════════ SMART ═══════════════ --}}
Leave these at defaults unless you know what you're doing. Wrong values can trigger false mitigations or make SMART slow to react. Full guide

Traffic baseline (EWMA)

Default: 0.3. Try 0.2 for less sensitive, 0.5 for faster reaction.

@error('smart_alpha')

{{ $message }}

@enderror

Default: 3.0. Lower = more sensitive. Higher = needs bigger spikes.

@error('smart_anomaly_multiplier')

{{ $message }}

@enderror

Default: 10. First 10 seconds after enable are ignored.

@error('smart_warmup_samples')

{{ $message }}

@enderror

Default: 50/second. Example: 100/second for busier servers.

@error('smart_rate_limit')

{{ $message }}

@enderror

Cooldown timers

How long SMART waits after traffic calms down before lowering protection. Think of L1 as a short timeout, L3 as a longer "penalty box" for repeat offenders.

sec

Default: 30s - short relief period.

@error('smart_cooldown_l1')

{{ $message }}

@enderror
sec

Default: 120s - escalation after repeated anomalies.

@error('smart_cooldown_l2')

{{ $message }}

@enderror
sec

Default: 300s - 5-minute lockdown for persistent attacks.

@error('smart_cooldown_l3')

{{ $message }}

@enderror

Grant SMART to individual servers under Servers & SMART.

{{-- ═══════════════ WEBHOOKS ═══════════════ --}}

Firewall-Plus can POST a notification to a URL (e.g. a Discord webhook) whenever something important happens - node goes offline, a limit is hit, emergency mode is toggled. These are infrastructure events. Per-server attack/mitigation alerts are configured by server owners under SMART in the client area.

Supports Discord webhooks, Slack incoming webhooks, or any custom endpoint. Leave blank to disable all panel webhooks.

@error('webhook_url')

{{ $message }}

@enderror

Uncheck events you don't want to receive notifications for.

@foreach ($admin_webhook_catalog as $evKey => $evLabel)
@endforeach
@error('webhook_events')

{{ $message }}

@enderror

Node offline alerts

Control how sensitive offline detection is and how many repeat alerts you receive during a long outage.

pings

Default: 2. At 60s interval, that is ~1 minute of failures. Try 3 for more tolerance.

@error('node_offline_fail_threshold')

{{ $message }}

@enderror
alerts

Default: 3. Set to 1 for a single alert only. Counter resets when the node comes back online.

@error('node_offline_webhook_max')

{{ $message }}

@enderror
{{-- /tab-content --}}
{{-- /box --}}
@include('admin.firewallplus.partials.ewma-guide-modal') @endsection