A simple (naive) web application firewall for Caddy to ban IPs based on requested URI patterns.
- tested? a little
- secure? nahh
- memory leak? big time
- simple? oh yeah
Refer to Caddyfile for example config
tinywaf {
bad_uris {
^/wp-admin/.+$
^/login.php
.*/wp-(includes|admin|content)/.*
}
ban_minutes 120
}
IP addresses making requests to bad_uris will be banned for ban_minutes and will receive a 403 Forbidden. Module is designed to be used with Cloudflare and will assume the Cf-Connecting-Ip header is present - change ServeHTTP logic if you don't want this.