Skip to main content

A Django app for analyzing HTTP requests and blocking IP addresses.

Project description

IP Shield is a Django app that analyzes HTTP requests and returns lock pages to IP addresses that perform suspicious actions. IP Shield is a per-IP-address rate limiter that enforces the limit with a lock out period. IP Shield also allows you to write your own analysis functions, so anything in the HttpRequest object (URL variables, POST data, HTTP headers, etc.) could trigger page locking. The functionality is influenced by the program Fail2Ban.

Quick start

1. Install And Uninstall

It is probably easiest to just drop the source folder into your Django project as you would any other Django app. For completeness, the package installation instructions are written below.

build the package:

python3 /path/setup.py sdist

install the package:

pip3 install --user /path/django-ip-shield-0.1.6.tar.gz

unistall the package:

pip3 uninstall django-ip-shield

2. Modify settings.py

Add “ipshield” to your INSTALLED_APPS setting:

INSTALLED_APPS = [
    ...
    'ipshield',
]

3. Migrate

Apply migrations for IP Shield by running:

python3 manage.py migrate

4. Edit A View File

In a view file, import the filt_req decorator as shown below.

from ipshield.views import filt_req

Add the following variables to the file.

eventName = "example name" # a name for the event which is being monitored
blockTime  = 2  # minutes that an IP will be blocked
findTime   = 1  # number of minutes used to calculate the rate
maxAllowed = 5  # number of events per findTime that will trigger blocking

As shown below, add the decorator above the view function that you wish to protect.

@filt_req(eventName, blockTime, findTime, maxAllowed)
def view(request):
    # function body

Reload the page six times in one minute. The page should now be locked for five minutes, and you should see a page reading “Sorry! This page has been locked.” The page will automatically unlock after two minutes.

5. Custom Analysis

You may analyze URL variables, POST data, IP address, etc. To do this, you must write a custom analysis function which will determine exactly what IP Sheild will consider to be suspicious. This function will be passed to the decorator. It should accept an HttpRequest object (which is typically named “request” in Django’s documentation) as an input, and it should return a boolean value. An example is shown below.

myFiltFunc = lambda request: request.GET.get('event') == '1'
@filt_req(eventName, blockTime, findTime, maxAllowed, filtFunc = myFiltFunc)

The above example would block all requests which had the URL GET variable named ‘event’ that held a value of ‘1’. For example, the url below would be counted as an event.

a-given-url/?event=1

In contrast, the following would NOT be counted as an event.

a-given-url/?event=2

As another example, say that we want to monitor POST requests, but not GET requests. This could be implemented with the analysis function below.

myFiltFunc = lambda request: request.method == 'POST'

6. Custom View Functions

You may also use custom view function. This is useful if you want to return some of the request data to the client, or if you simply wish to use a particular HTML template when a particular event occurs. To do this, you need to write a view function and pass it to the decorator. An example is shown below.

def view_blocked(request):
    msg = "We're Sorry! You did something that makes us uncomfortable."
    html = "".join(("<html><body><h1><center>", msg, "</center></h1></body></html>"))
    return HttpResponse(html, status=429)

@filt_req(eventName, blockTime, findTime, maxAllowed, lockPageViewFunc = view_blocked)

7. Caveats

IP Shield makes the below function call.

request.META.get('REMOTE_ADDR')

Between Django and any upstream servers, ensure that the REMOTE_ADDR header is properly set. Often, the HTTP_X_FORWARDED_FOR header is used in place of REMOTE_ADDR.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-ip-shield-0.1.7.tar.gz (5.4 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page