@lanonasis/security-shield

Edge-layer security for Netlify & Vercel - bot protection, WAF, attack mitigation. Part of the LanOnasis Security Suite.

Version: 1.0.0 (latest) | Source: npm | Maintainers: 1

@lanonasis/security-shield

Edge-layer security for Netlify & Vercel deployments. Part of the LanOnasis Security Suite.

Docs: https://docs.lanonasis.com | Platform: https://vortexshield.lanonasis.com

LanOnasis Security Suite

| Package | Layer | Purpose |
|---|---|---|
| @lanonasis/security-shield | Edge/CDN | Bot protection, WAF, attack mitigation |
| @lanonasis/security-sdk | Application | Encryption, key management, API keys |

┌─────────────────────────────────────────────────────────────┐
│                        INTERNET                             │
└─────────────────────────────┬───────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────┐
│  🛡️ @lanonasis/security-shield (Edge Layer)                │
│  ├─ Bot Detection & Blocking                                │
│  ├─ Honeypot Traps                                          │
│  ├─ Attack Pattern Detection (SQLi, XSS, Path Traversal)    │
│  ├─ Sensitive File Protection (.env, .git, etc.)            │
│  └─ Security Headers (HSTS, CSP, X-Frame-Options)           │
└─────────────────────────────┬───────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────┐
│  🔐 @lanonasis/security-sdk (Application Layer)             │
│  ├─ AES-256-GCM Encryption                                  │
│  ├─ Key Derivation (HKDF, PBKDF2)                           │
│  ├─ API Key Generation & Hashing                            │
│  ├─ Password Hashing & Verification                         │
│  └─ Key Rotation                                            │
└─────────────────────────────┬───────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────┐
│                     YOUR APPLICATION                        │
└─────────────────────────────────────────────────────────────┘

Features

  • 🤖 Bot Detection - Block 50+ known malicious user agents
  • 🍯 Honeypot Traps - Slow down scanners with delayed responses
  • 🔒 Sensitive File Protection - Block access to .env, .git, config files
  • 🛑 Attack Pattern Detection - Block SQL injection, XSS, path traversal
  • 📝 Security Headers - HSTS, CSP, X-Frame-Options, and more
  • 📊 Security Logging - Track all blocked requests with geo data
  • Multi-Platform - Works with both Netlify and Vercel
  • 🔄 Auto-Detection - Automatically detects your deployment platform

Quick Start

# Auto-detect platform (Netlify or Vercel)
npx @lanonasis/security-shield init

# Force specific platform
npx @lanonasis/security-shield init --vercel
npx @lanonasis/security-shield init --netlify

# Audit your security configuration  
npx @lanonasis/security-shield check

# Update to latest security rules
npx @lanonasis/security-shield update

Option 2: Manual - Vercel

npm install @lanonasis/security-shield

Create middleware.ts (or src/middleware.ts):

import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';

// Copy from templates/vercel/middleware.ts
export function middleware(request: NextRequest) {
  // Security logic here...

  // Let requests that were not blocked continue to the application
  return NextResponse.next();
}

export const config = {
  matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
};

Option 3: Manual - Netlify

npm install @lanonasis/security-shield

Create netlify/edge-functions/security.ts:

import { createSecurityShield } from '@lanonasis/security-shield';

export default createSecurityShield();

export const config = {
  path: '/*',
  excludedPath: ['/favicon.ico', '/_next/static/*'],
};

Configuration

Using Presets

import { createSecurityShield, standardConfig, maxSecurityConfig } from '@lanonasis/security-shield';

// Standard protection (recommended)
export default createSecurityShield(standardConfig);

// Maximum protection: use this line instead of the one above
// (a module can have only one default export)
// export default createSecurityShield(maxSecurityConfig);

Custom Configuration

import { createSecurityShield } from '@lanonasis/security-shield';

export default createSecurityShield({
  enableHoneypot: true,
  enableUserAgentBlocking: true,
  enablePathBlocking: true,
  enableLogging: true,
  honeypotDelay: 2000,
  blockResponse: 404,
  
  // Add custom rules
  customBlockedPaths: [/^\/internal-api/i],
  customBlockedUserAgents: [/my-competitor-bot/i],
});

Using with @lanonasis/security-sdk

For full-stack security, use both packages:

// Edge function (security-shield) - runs at CDN edge
// netlify/edge-functions/security.ts
import { createSecurityShield } from '@lanonasis/security-shield';
export default createSecurityShield();

// API route (security-sdk) - runs in your application
// api/store-credentials.ts (a separate file from the edge function above)
import { getSecuritySDK } from '@lanonasis/security-sdk';

// `db` and `getAuthenticatedUserId` are placeholders for your own data layer and
// session lookup; they are not part of either package.
export async function POST(request: Request) {
  const security = getSecuritySDK();
  const { apiKey } = await request.json();
  // Take the user ID from the authenticated session, not from the request body
  const userId = await getAuthenticatedUserId(request);

  // Encrypt sensitive data before storing
  const encrypted = security.encrypt(apiKey, `user_${userId}_stripe`);
  await db.insert('credentials', encrypted);

  return Response.json({ success: true });
}

What Gets Blocked

Sensitive Files

.env, .git/, config.php, wp-config.php, *.sql, *.bak, *.log

Attack Vectors

WordPress probing, phpMyAdmin, webhook scanning, shell attempts, SQL injection, XSS

Malicious Bots

Security scanners (Nikto, Nmap, sqlmap), aggressive crawlers (Bytespider, PetalBot), SEO bots (Semrush, Ahrefs)
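
A standalone sketch of the path and user-agent checks listed above, added here as an illustration and not taken from the package. It normalises the URL pathname before matching, so percent-encoded or dot-segment spellings of a blocked file get the same verdict as the plain form; the rule lists and the reason strings BLOCKED_PATH and MALFORMED_PATH are constructed for the example.

```typescript
// Added illustration, not the package's source. The rule lists are a constructed
// subset of the names under "What Gets Blocked"; BLOCKED_PATH and MALFORMED_PATH
// are made-up reason strings (only MALICIOUS_USER_AGENT appears on this page).
type Verdict = { action: 'ALLOW' | 'BLOCK'; reason?: string };

const BLOCKED_PATHS: RegExp[] = [
  /(^|\/)\.env($|[./])/i,        // .env, .env.local
  /(^|\/)\.git(\/|$)/i,          // .git/
  /(^|\/)(wp-)?config\.php$/i,   // config.php, wp-config.php
  /\.(sql|bak|log)$/i,           // *.sql, *.bak, *.log
];
const BLOCKED_USER_AGENTS: RegExp[] = [/sqlmap/i, /nikto/i, /nmap/i];

function tryDecode(s: string): string | null {
  try { return decodeURIComponent(s); } catch (e) { return null; }
}

// Decode percent-escapes (bounded, to catch double encoding) and resolve "." and
// ".." segments so the rules see the path the origin would actually serve.
function normalizePath(raw: string): string | null {
  let path = raw;
  for (let i = 0; i < 3; i++) {
    const decoded = tryDecode(path);
    if (decoded === null) return null;
    if (decoded === path) break;
    path = decoded;
  }
  const out: string[] = [];
  for (const seg of path.replace(/\\/g, '/').split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') { out.pop(); continue; }
    out.push(seg);
  }
  return '/' + out.join('/');
}

function classify(rawPath: string, userAgent: string, customPaths: RegExp[] = []): Verdict {
  const path = normalizePath(rawPath);
  if (path === null) return { action: 'BLOCK', reason: 'MALFORMED_PATH' };
  if (BLOCKED_USER_AGENTS.some((re) => re.test(userAgent))) {
    return { action: 'BLOCK', reason: 'MALICIOUS_USER_AGENT' };
  }
  if (BLOCKED_PATHS.concat(customPaths).some((re) => re.test(path))) {
    return { action: 'BLOCK', reason: 'BLOCKED_PATH' };
  }
  return { action: 'ALLOW' };
}
```

Running your own `customBlockedPaths` patterns through a table of such variants is a quick regression test before deploying a rule change.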

Files Generated

| File | Purpose |
|---|---|
| netlify/edge-functions/security-shield.ts | Main edge function |
| _headers | Security headers |
| netlify.toml / security-redirects.toml | Redirect rules |
| robots.txt | Bot blocking rules |
| security-shield.config.json | Your configuration |

Security Logging

View logs at: https://app.netlify.com/projects/YOUR_SITE/logs/edge-functions

{
  "id": "a1b2c3d4",
  "type": "BLOCK",
  "reason": "MALICIOUS_USER_AGENT",
  "path": "/admin",
  "method": "GET",
  "userAgent": "sqlmap/1.0",
  "ip": "192.168.1.1",
  "country": "CN",
  "timestamp": "2024-01-16T12:00:00.000Z"
}
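
One way to triage entries in this format, added here as an example and not part of the package: parse the JSON lines out of an exported log, skip anything that is not a complete event, and list the IPs that produced a burst of BLOCK events inside a time window. The sample events, their IPs (documentation ranges) and the BLOCKED_PATH reason are constructed.

```typescript
// Added illustration, not the package's code. Field names follow the log entry
// shown above; events, IPs and the BLOCKED_PATH reason are constructed.
interface ShieldEvent { type: string; reason: string; path: string; ip: string; timestamp: string }

const mk = (reason: string, path: string, ip: string, time: string): string =>
  JSON.stringify({ type: 'BLOCK', reason, path, ip, timestamp: '2024-01-16T' + time + '.000Z' });

const SAMPLE_LOG: string = [
  mk('MALICIOUS_USER_AGENT', '/admin', '203.0.113.7', '12:00:00'),
  'edge function cold start',                       // unrelated log line
  mk('BLOCKED_PATH', '/.env', '203.0.113.7', '12:00:20'),
  mk('BLOCKED_PATH', '/.git/config', '203.0.113.7', '12:00:45'),
  mk('BLOCKED_PATH', '/wp-config.php', '198.51.100.9', '12:00:00'),
  '{"type":"BLOCK","reason":"BLOCKED_PATH"',        // truncated entry
  mk('BLOCKED_PATH', '/backup.sql', '198.51.100.9', '12:05:00'),
  mk('MALICIOUS_USER_AGENT', '/', '198.51.100.9', '12:10:00'),
].join('\n');

// Keep only lines that parse as JSON and carry the fields the triage needs.
function parseEvents(text: string): ShieldEvent[] {
  const events: ShieldEvent[] = [];
  for (const line of text.split('\n')) {
    try {
      const obj = JSON.parse(line);
      const ok = obj && typeof obj.ip === 'string' && typeof obj.reason === 'string' &&
        !isNaN(Date.parse(obj.timestamp));
      if (ok) events.push(obj as ShieldEvent);
    } catch (e) { /* not a JSON event: skip */ }
  }
  return events;
}

// IPs with at least `threshold` BLOCK events inside any `windowMs` span.
function burstyIps(events: ShieldEvent[], windowMs: number, threshold: number): string[] {
  const times: Record<string, number[]> = {};
  for (const e of events) {
    if (e.type === 'BLOCK') (times[e.ip] = times[e.ip] || []).push(Date.parse(e.timestamp));
  }
  return Object.keys(times).filter((ip) => {
    const t = times[ip].sort((a, b) => a - b);
    for (let hi = 0, lo = 0; hi < t.length; hi++) {
      while (t[hi] - t[lo] > windowMs) lo++;   // shrink window from the left
      if (hi - lo + 1 >= threshold) return true;
    }
    return false;
  }).sort();
}
```
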

| Package | Description |
|---|---|
| @lanonasis/security-sdk | Encryption, key management, API key generation |
| @lanonasis/privacy-sdk | PII detection, data masking, GDPR compliance |
| @lanonasis/mem-intel-sdk | Memory intelligence and context management |
| @lanonasis/oauth-client | OAuth client for LanOnasis services |

License

MIT © LanOnasis

Built with 🔒 by the LanOnasis team

Keywords

netlify

FAQs

Package last updated on 16 Jan 2026
