Laravel Reverb
First-party WebSocket server for Laravel — a self-hosted, Pusher-compatible WebSocket server that integrates natively with Laravel Broadcasting. Reverb features: drop-in replacement for Pusher Channels (uses pusher/pusher-php-server protocol), BROADCAST_CONNECTION=reverb in .env, Laravel Echo frontend client with Reverb connector, channel types (public, private, presence), broadcast() helper with ShouldBroadcast event interface, horizontal scaling via Redis pub/sub, and built-in support for Laravel Echo Server replacement. Ships with laravel/reverb package; starts with php artisan reverb:start. No monthly fees vs Pusher's paid tiers for high message volumes.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
REVERB_APP_SECRET must be kept private — it signs channel auth responses; exposure allows unauthorized channel subscriptions. Always use WSS (TLS) in production via nginx reverse proxy. Private channels require server-side auth; never rely on client-side checks for sensitive agent channel access.
⚡ Reliability
Best When
You have an existing Laravel app using Pusher Broadcasting and want to eliminate Pusher subscription costs by self-hosting, or you're building a new Laravel real-time app that needs WebSockets without external service dependency.
Avoid When
You need managed WebSocket infrastructure with global CDN and SLA guarantees, or you're not using Laravel Broadcasting.
Use Cases
- • Agent task progress streaming — AgentTaskUpdated event implements ShouldBroadcast { broadcastOn() { return new PrivateChannel('agent.'.$this->agent->id) } } broadcasts agent progress via WebSocket; frontend Echo.private('agent.'+id).listen('.AgentTaskUpdated', updateUI)
- • Real-time agent collaboration — presence channels track online users: Echo.join('agent-session.'+sessionId).here(members => setUsers(members)).joining(user => addUser(user)).leaving(user => removeUser(user)) enables agent co-editing sessions
- • Self-hosted Pusher replacement — REVERB_APP_ID, REVERB_APP_KEY, REVERB_APP_SECRET in .env; existing Pusher-based agent code works without changes by pointing to Reverb server; eliminates Pusher subscription costs for high-traffic agent platforms
- • Agent notification delivery — broadcast(new AgentAlertEvent($alert))->toOthers() broadcasts to all agent users except sender; toOthers() uses X-Socket-ID header to exclude broadcasting socket; instant agent alert delivery without polling
- • Scaled agent WebSocket cluster — REVERB_SCALING_ENABLED=true with Redis publish/subscribe allows multiple Reverb servers behind load balancer; agent WebSocket connections distributed across Reverb instances for horizontal scaling
Not For
- • Non-Laravel PHP projects — Reverb is Laravel-specific; for standalone WebSocket servers use Ratchet, Swoole, or Workerman with custom protocol
- • Managed WebSocket service — Reverb requires self-hosting and server management; if you need managed WebSockets with SLA, use Pusher Channels or Ably
- • Binary WebSocket protocols — Reverb uses Pusher protocol (JSON text frames); for binary WebSocket streams (audio/video agent data), use dedicated streaming infrastructure
Interface
Authentication
Private and presence channels require auth via Laravel Broadcasting auth endpoint (POST /broadcasting/auth). Reverb validates channel auth using REVERB_APP_KEY and REVERB_APP_SECRET. Public channels need no auth.
Pricing
Laravel Reverb is MIT licensed, maintained by the Laravel team. Server hosting costs are your own infrastructure.
Agent Metadata
Known Gotchas
- ⚠ php artisan reverb:start must run as separate process — Reverb is a long-running WebSocket server separate from php-fpm/nginx; not automatically started by Laravel; agent deployments need supervisor or systemd unit for reverb:start; forgetting Reverb process means WebSocket connections silently fail
- ⚠ REVERB_HOST must match from client perspective — REVERB_HOST=localhost works for local dev but production needs actual domain/IP; agent frontends connecting to ws://localhost:8080 fail in production; set REVERB_HOST to the public hostname and configure reverse proxy (nginx) for WSS (TLS) termination
- ⚠ Private channel auth uses Laravel session or API auth — Echo.private() triggers POST /broadcasting/auth with session cookie or Bearer token; agent API clients using stateless auth must set withCredentials: true and send Authorization header; missing auth header causes 403 on private agent channels
- ⚠ Reverb does not persist messages — messages sent while client is disconnected are lost; agent frontends must fetch missed updates via REST API on reconnect; use Laravel Echo's withoutOverlap() or application-level sequence numbers for agent event ordering
- ⚠ Horizontal scaling requires Redis — REVERB_SCALING_ENABLED=true needs REDIS_HOST configured; without Redis, events broadcast on one Reverb instance don't reach clients on other instances; agent WebSocket clusters silently lose messages without Redis pub/sub backplane
- ⚠ ShouldBroadcastNow vs ShouldBroadcast queue behavior — ShouldBroadcast queues event broadcasting via Laravel Queue; ShouldBroadcastNow bypasses queue and broadcasts synchronously; agent events needing immediate delivery use ShouldBroadcastNow; using ShouldBroadcast without running queue workers causes agent WebSocket events to never deliver
Alternatives
Full Evaluation Report
Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Laravel Reverb.
Scores are editorial opinions as of 2026-03-06.