{ "info": { "author": "", "author_email": "", "bugtrack_url": null, "classifiers": [ "Environment :: Web Environment", "Framework :: Django", "Framework :: Django :: 1.10", "Framework :: Django :: 1.11", "Framework :: Django :: 2.0", "Intended Audience :: Developers", "License :: OSI Approved :: BSD License", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Topic :: Internet :: WWW/HTTP", "Topic :: Internet :: WWW/HTTP :: Dynamic Content" ], "description": "=========\nIP Shield\n=========\n\nIP Shield is a Django app that analyzes HTTP requests and returns lock pages to IP addresses that perform suspicious actions. IP Shield is a per-IP-address rate limiter that enforces the limit with a lock out period. IP Shield also allows you to write your own analysis functions, so anything in the HttpRequest object (URL variables, POST data, HTTP headers, etc.) could trigger page locking. The functionality is influenced by the program Fail2Ban.\n\n\nQuick start\n===========\n\n\n1. Install And Uninstall\n------------------------\nIt is probably easiest to just drop the source folder into your Django project as you would any other Django app. For completeness, the package installation instructions are written below.\n\nbuild the package:\n\n.. code-block:: sh\n\n python3 /path/setup.py sdist\n\ninstall the package:\n\n.. code-block:: sh\n\n pip3 install --user /path/django-ip-shield-0.1.6.tar.gz\n\nunistall the package:\n\n.. code-block:: sh\n\n pip3 uninstall django-ip-shield\n\n\n2. Modify settings.py\n---------------------\nAdd \"ipshield\" to your INSTALLED_APPS setting:\n\n.. code-block:: python\n\n INSTALLED_APPS = [\n ...\n 'ipshield',\n ]\n\n\n3. Migrate\n----------\n\nApply migrations for IP Shield by running:\n\n.. code-block:: sh\n\n python3 manage.py migrate\n\n\n4. Edit A View File\n-------------------\nIn a view file, import the filt_req decorator as shown below.\n\n.. code-block:: python\n\n from ipshield.views import filt_req\n\nAdd the following variables to the file.\n\n.. code-block:: python\n\n eventName = \"example name\" # a name for the event which is being monitored\n blockTime = 2 # minutes that an IP will be blocked\n findTime = 1 # number of minutes used to calculate the rate\n maxAllowed = 5 # number of events per findTime that will trigger blocking\n\nAs shown below, add the decorator above the view function that you wish to protect.\n\n.. code-block:: python\n\n @filt_req(eventName, blockTime, findTime, maxAllowed)\n def view(request):\n # function body\n\nReload the page six times in one minute. The page should now be locked for five minutes, and you should see a page reading \"Sorry! This page has been locked.\" The page will automatically unlock after two minutes.\n\n\n5. Custom Analysis\n-------------------------\nYou may analyze URL variables, POST data, IP address, etc. To do this, you must write a custom analysis function which will determine exactly what IP Sheild will consider to be suspicious. This function will be passed to the decorator. It should accept an HttpRequest object (which is typically named \"request\" in Django's documentation) as an input, and it should return a boolean value. An example is shown below.\n\n.. code-block:: python\n\n myFiltFunc = lambda request: request.GET.get('event') == '1'\n @filt_req(eventName, blockTime, findTime, maxAllowed, filtFunc = myFiltFunc)\n\nThe above example would block all requests which had the URL GET variable named 'event' that held a value of '1'. For example, the url below would be counted as an event.\n\n.. code-block:: sh\n\n a-given-url/?event=1\n\nIn contrast, the following would NOT be counted as an event.\n\n.. code-block:: sh\n\n a-given-url/?event=2\n\n\nAs another example, say that we want to monitor POST requests, but not GET requests. This could be implemented with the analysis function below.\n\n.. code-block:: python\n\n myFiltFunc = lambda request: request.method == 'POST'\n\n\n6. Custom View Functions\n-------------------------\nYou may also use custom view function. This is useful if you want to return some of the request data to the client, or if you simply wish to use a particular HTML template when a particular event occurs. To do this, you need to write a view function and pass it to the decorator. An example is shown below.\n\n.. code-block:: python\n\n def view_blocked(request):\n msg = \"We're Sorry! You did something that makes us uncomfortable.\"\n html = \"\".join((\"

\", msg, \"

\"))\n return HttpResponse(html, status=429)\n\n @filt_req(eventName, blockTime, findTime, maxAllowed, lockPageViewFunc = view_blocked)\n\n\n7. Caveats\n----------\n\nIP Shield makes the below function call.\n\n.. code-block:: python\n\n request.META.get('REMOTE_ADDR')\n\nBetween Django and any upstream servers, ensure that the REMOTE_ADDR header is properly set. Often, the HTTP_X_FORWARDED_FOR header is used in place of REMOTE_ADDR.", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/abstract-theory", "keywords": "", "license": "BSD License", "maintainer": "", "maintainer_email": "", "name": "django-ip-shield", "package_url": "https://pypi.org/project/django-ip-shield/", "platform": "", "project_url": "https://pypi.org/project/django-ip-shield/", "project_urls": { "Homepage": "https://github.com/abstract-theory" }, "release_url": "https://pypi.org/project/django-ip-shield/0.1.7/", "requires_dist": null, "requires_python": "", "summary": "A Django app for analyzing HTTP requests and blocking IP addresses.", "version": "0.1.7" }, "last_serial": 3422552, "releases": { "0.1.5": [ { "comment_text": "", "digests": { "md5": "070b167ce8b18eb731c47431d9f98bee", "sha256": "1ad0d71d91496d45de95e65b9daab8882f2cedc6a272ae07fdf1da1a7472e0a9" }, "downloads": -1, "filename": "django-ip-shield-0.1.5.tar.gz", "has_sig": false, "md5_digest": "070b167ce8b18eb731c47431d9f98bee", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5193, "upload_time": "2017-04-26T20:41:45", "url": "https://files.pythonhosted.org/packages/55/eb/c522f6cbb012c08307392043f470eb1c0e23c5b58f7304dc03af82fec484/django-ip-shield-0.1.5.tar.gz" } ], "0.1.7": [ { "comment_text": "", "digests": { "md5": "6c9e9cbe7fb8ac6e66d2b7481a05e13d", "sha256": "a97f108473d4cbd35d18c27b8825ae7c4f0ff95ea83117c96e3ab5c6e78f3a17" }, "downloads": -1, "filename": "django-ip-shield-0.1.7.tar.gz", "has_sig": false, "md5_digest": "6c9e9cbe7fb8ac6e66d2b7481a05e13d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5385, "upload_time": "2017-12-17T03:36:21", "url": "https://files.pythonhosted.org/packages/eb/c2/8266f9259143e92a0896ea10e7115252a82345569bdc205cc34ffdc57fa2/django-ip-shield-0.1.7.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "6c9e9cbe7fb8ac6e66d2b7481a05e13d", "sha256": "a97f108473d4cbd35d18c27b8825ae7c4f0ff95ea83117c96e3ab5c6e78f3a17" }, "downloads": -1, "filename": "django-ip-shield-0.1.7.tar.gz", "has_sig": false, "md5_digest": "6c9e9cbe7fb8ac6e66d2b7481a05e13d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5385, "upload_time": "2017-12-17T03:36:21", "url": "https://files.pythonhosted.org/packages/eb/c2/8266f9259143e92a0896ea10e7115252a82345569bdc205cc34ffdc57fa2/django-ip-shield-0.1.7.tar.gz" } ] }