IP/user-agent whitelisting

RuiSiang / PoW-Shield

Project dedicated to fight Layer 7 DDoS with proof of work, with an additional WAF and controller. Completed with full set of features and containerized for rapid and lightweight deployment.

https://shield.rs.me

MIT License

301 stars 62 forks source link

IP/user-agent whitelisting #417

Open ertugrulturan opened 1 year ago

ertugrulturan commented 1 year ago

Hello, Two whitelists can be added with IP or Useragent parties.

Reason:

Google Crawling Bots: https://developers.google.com/search/docs/crawling-indexing/verifying-googlebot (If it is not on the white list, the site will not appear on google and this will be harmful for seo.)
Payment callback systems. (white list ip)
Other API systems...

kristoftorok commented 1 year ago

Why don't you route the request directly to the backend based on IP or user agent? I wouldn't do that with a user agent though. I'd rather do it by IP address because it's harder to spoof. :D