Skip to content
/ scanblock Public

Traefik plugin that blocks scanner IPs by counting 4xx status codes until a limit is hit.

License

MIT license
11 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

safing/scanblock

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
testdata
testdata
 
 
.golangci.yml
.golangci.yml
 
 
.traefik.yml
.traefik.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
block.go
block.go
 
 
cache.go
cache.go
 
 
go.mod
go.mod
 
 
main.go
main.go
 
 
responsewriter.go
responsewriter.go
 
 

Repository files navigation

Scan Block Traefik Plugin

Traefik plugin that blocks scanner IPs by counting 4xx status codes until a limit is hit.

Can also play games with scanners.

Config

// MinScanRequests defines the minimum 4xx responses to observe before
// blocking an IP.
MinScanRequests uint64

// MinTotalRequests defines the minimum requests to observe before blocking
// an IP.
MinTotalRequests uint64

// MinScanPercent defines the minimum percent of 4xx responses of total
// requests before blocking an IP.
MinScanPercent float64

// BlockPrivate defines if private IP ranges (RFC1918, RFC4193) should be
// blocked too.
BlockPrivate bool

// PlayGames defines if the the plugin should respond with random 4xx status
// codes or even kill the connection sometimes.
PlayGames bool

// BlockSeconds defines for how many seconds an IP should be blocked.
BlockSeconds int

// RememberSeconds defines for how many seconds information about an IP
// should be cached after it was last seen.
RememberSeconds int

About

Traefik plugin that blocks scanner IPs by counting 4xx status codes until a limit is hit.

Topics

traefik-plugin

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

11 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases 1

Initial Release Latest
Dec 23, 2022

Languages