Closed GabeL7r closed 5 years ago
Thanks @gabel0287
We're working on a new version that will extract all those common customizable items to a json file.
The idea is to have something like:
{
"general": {
"errorThreshold": 50,
"blockPeriod": 240,
"errorCodes": ["400", "401", "403", "404", "405"]
},
"uriList": {
"/login": {
"errorThreshold": 10,
"blockPeriod": 600
}
}
}
You're going to be able to define different thresholds for specif services. In the example above, the login API endpoint should throttle based on a smaller error rate.
PS: I included 401
code as recommended default set ;)
Use Case
We would like to block an IP address after an unusual amount of invalid login attempts. Our API returns a 401 status code for these attempts, however the log parser only matches against a list of ['400','403','404','405']
Proposed Solution
Make BLOCK_ERROR_CODES an environment variable and change the implementation to use a Regex instead of a list