This blog post details the implementation of rate limiting and IP blocking within a Willow CMS, focusing on the key code components and their rationale. This information is intended for developers looking to implement similar security measures in their projects. Since putting Willow live for this site, it has been interesting to view the logs and see all the attempts from Singapore trying to find exploits!

This comprehensive guide details how PHPUnit testing is implemented in Willow CMS, both locally and through GitHub Actions. The testing infrastructure includes 116 tests and 414 assertions, providing robust quality assurance. The setup revolves around five key components: a PHPUnit configuration file, GitHub Actions for continuous integration, shared test case code for DRY principles, controller tests for critical functionality, and code coverage reporting. The system uses random test execution to ensure independence and includes both admin and non-admin testing scenarios. The GitHub Actions workflow is particularly noteworthy, running tests across multiple PHP versions and incorporating various quality checks including PHPStan and PHP CodeSniffer.