wai-middleware-ip-block: Block requests by IP CIDR

This is a package candidate release! Here you can preview how this package release will appear once published to the main package index (which can be accomplished via the 'maintain' link below). Please note that once a package has been published to the main package index it cannot be undone! Please consult the package uploading documentation for more information.

[maintain] [Publish]

A WAI middleware that blocks incoming requests based on their IPs, using CIDR ranges.

[Skip to Readme]

Properties

Versions	0.1.0.0
Change log	CHANGELOG.md
Dependencies	aeson (>=1.0.2.1 && <1.1), base (>=4.9.1.0 && <4.10), bytestring (>=0.10.8.1 && <0.11), http-types (>=0.9.1 && <0.10), iproute (>=1.7.1 && <1.8), network (>=2.6.3.1 && <2.7), text (>=1.2.2.1 && <1.3), unordered-containers (>=0.2.8.0 && <0.3), wai (>=3.2.1.1 && <3.3), yaml (>=0.8.22 && <0.9) [details]
License	BSD-3-Clause
Copyright	2017 Echo Nolan
Author	Echo Nolan
Maintainer	echo@echonolan.net
Category	Web
Home page	https://github.com/enolan/wai-middleware-ip-block#readme
Source repo	head: git clone https://github.com/enolan/wai-middleware-ip-block
Uploaded	by EchoNolan at 2017-05-05T00:13:43Z

Modules

Network
- Wai
  - Middleware
    - Network.Wai.Middleware.IpBlock

Downloads

wai-middleware-ip-block-0.1.0.0.tar.gz [browse] (Cabal source package)
Package description (as included in the package)

Maintainer's Corner

Package maintainers

EchoNolan

For package maintainers and hackage trustees

edit package information

Readme for wai-middleware-ip-block-0.1.0.0

[back to package description]

wai-middleware-ip-block: Block incoming requests by CIDR IP ranges.

This is a WAI middleware for blocking incoming requests by IP range.

See Haddock for documentation, including the YAML configuration format.

To use this with the Yesod scaffold, modify the makeApplication function in Application.hs like so:

makeApplication :: App -> IO Application
makeApplication foundation = do
    logWare <- makeLogWare foundation
    -- Create the WAI application and apply middlewares
    appPlain <- toWaiAppPlain foundation
    ipBlock <- ipBlockMiddlewareFromFileEnv "IP_BLOCK_CFG" basicDenyResponse
    return $ ipBlock $ logWare $ defaultMiddlewaresNoLogging appPlain

When your server launches, it'll look for an environment variable IP_BLOCK_CFG. That should have the path to a YAML formatted configuration file. The details of that format are in the Haddock.

Don't rely on this for security. I wrote this so I could put a site up on the internet before I was ready to make it public. IP based blocking is in general a weak measure and this package in particular has undergone relatively little testing, none of it adversarial.