afd

command module
v0.0.0-...-36fa105 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 12, 2022 License: BSD-2-Clause Imports: 22 Imported by: 0

README

Appfw - Application Firewall Daemon

Small daemon to easily make application path specific rules. I.e. prevent bruteforcing your login system by:

  • Setting a 24hour (daily) limit on the total amount of login attempts;
  • Setting a limit of 3 attempts per IP per 24hour;
  • Setting a limit of 4 attempts per email per 24hour;

Code example:

curl 'http://127.0.0.1/fw?query=authlogin&limit=1500&strategy=24h_first'
curl 'http://127.0.0.1/fw?query=authlogin-$ip&limit=3&strategy=24h_last'

curl 'http://127.0.0.1/fw?query=authlogin-$email&limit=4&strategy=24h_last'
curl 'http://127.0.0.1/fw?query=authlogin-$email&limit=4&strategy=24h_last'
curl 'http://127.0.0.1/fw?query=authlogin-$email&limit=4&strategy=24h_last'
curl 'http://127.0.0.1/fw?query=authlogin-$email&limit=4&strategy=24h_last'
< 403 Reject further processing in your app

This daemon is just a fancy counter, by adding 'rules' to your website-code you easily extend your website with a fancy application firewall.

Using daemon with testing?

You can disable the 'Too many requests'-error by giving the Ratelimit-option the value 0;

Docker? docker run -it --rm -p 1337:1337 --env APPFW_LISTEN=:1337 --env APPFW_APIKEY=vqBKCiiZoEUpYBBP appfw:main -v

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
Accesslog
 Accesslog
Inspired by: github.com/leprosus/golang-ttl-map v1.1.7
 Inspired by: github.com/leprosus/golang-ttl-map v1.1.7

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.