Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add IP-based security settings #158

Closed
2 tasks done
zepich opened this issue Nov 22, 2023 · 0 comments
Closed
2 tasks done

Add IP-based security settings #158

zepich opened this issue Nov 22, 2023 · 0 comments
Assignees
@zepich
Labels
doc-prepared enhancement New feature or request
Milestone
v1.1

Comments

@zepich
Copy link
Member

zepich commented Nov 22, 2023
edited

Explanation

With the security settings of a project, it's possible to limit spam without creating many rules. However, since these settings apply to all users, it can be hard to define the correct values (not too strict or soft).

To help with this problem, we want to add an option to define rules based on the user's IP address (and if enabled, the GeoIP2 information like provider ASN and country code).

With this addition, it's possible to define the security settings with soft values for user origins A, B, and C and hard values for user origins E, F, and G. It's also possible to completely turn off the security settings for some countries. User origin means IP subnet, country code, or AS number.

Changes

  • Adjust the security settings page and add the new option to add, edit, and delete origin-based security settings
  • Adjust the frontend API to use the correct security settings

Suggested by

  • @mosparo/core-developers
@zepich zepich added the enhancement New feature or request label Nov 22, 2023
@zepich zepich added this to the v1.1 milestone Nov 22, 2023
@zepich zepich self-assigned this Nov 22, 2023
zepich added a commit that referenced this issue Nov 24, 2023
@zepich
Refactored the management of the security settings (#158).
d514d82 
With the refactored security settings, it's possible to add security guidelines, which are valid for some IP addresses (or country codes or AS numbers if GeoIP2 is enabled).

With these guidelines, enforcing stricter security settings for some users is possible, while others have less restrictive or no security settings.
zepich added a commit that referenced this issue Nov 24, 2023
@zepich
Added the determination of the security guideline (#158).
fbd22e2 
Loads all security guidelines from the database and evaluates which is the correct one for the client's IP address.

If none can be found, the general security settings of a project will be used.
@zepich zepich mentioned this issue Jan 10, 2024
Merged
@zepich zepich closed this as completed Jan 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zepich zepich

Labels
doc-prepared enhancement New feature or request
Projects
No open projects
mosparo v1.1
Status: Done
Milestone
v1.1
Development

No branches or pull requests
1 participant
@zepich